CVE-2020-15841 (GCVE-0-2020-15841)

Vulnerability from cvelistv5 – Published: 2020-07-20 01:06 – Updated: 2024-08-04 13:30
VLAI?
Summary
Liferay Portal before 7.3.0, and Liferay DXP 7.0 before fix pack 89, 7.1 before fix pack 17, and 7.2 before fix pack 4, does not safely test a connection to a LDAP server, which allows remote attackers to obtain the LDAP server's password via the Test LDAP Connection feature.
Severity ?
8.3 (High)
CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:R
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:30:22.302Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/119317439"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://issues.liferay.com/browse/LPE-16928"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Liferay Portal before 7.3.0, and Liferay DXP 7.0 before fix pack 89, 7.1 before fix pack 17, and 7.2 before fix pack 4, does not safely test a connection to a LDAP server, which allows remote attackers to obtain the LDAP server\u0027s password via the Test LDAP Connection feature."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:R",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-20T01:06:39",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/119317439"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://issues.liferay.com/browse/LPE-16928"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-15841",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Liferay Portal before 7.3.0, and Liferay DXP 7.0 before fix pack 89, 7.1 before fix pack 17, and 7.2 before fix pack 4, does not safely test a connection to a LDAP server, which allows remote attackers to obtain the LDAP server\u0027s password via the Test LDAP Connection feature."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:R",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/119317439",
              "refsource": "MISC",
              "url": "https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/119317439"
            },
            {
              "name": "https://issues.liferay.com/browse/LPE-16928",
              "refsource": "MISC",
              "url": "https://issues.liferay.com/browse/LPE-16928"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-15841",
    "datePublished": "2020-07-20T01:06:39",
    "dateReserved": "2020-07-20T00:00:00",
    "dateUpdated": "2024-08-04T13:30:22.302Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"726967CC-1BE0-48AB-8BD1-BE4B09ADFD36\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_13:*:*:*:*:*:*\", \"matchCriteriaId\": \"4874012D-52AA-4C32-95E9-BD331225B4E6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_14:*:*:*:*:*:*\", \"matchCriteriaId\": \"21CAF86F-CEC9-44EE-BAF8-0F7AF9D945F5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_24:*:*:*:*:*:*\", \"matchCriteriaId\": \"EF6C9F29-EEFF-4737-BD50-58572D6C14E9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_25:*:*:*:*:*:*\", \"matchCriteriaId\": \"D24E1FA0-BD94-4AFC-92BF-AEDEBC7DCF4B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_26:*:*:*:*:*:*\", \"matchCriteriaId\": \"FF9B54EE-973B-44B4-8EA2-B58FA49AC561\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_27:*:*:*:*:*:*\", \"matchCriteriaId\": \"A9637223-557D-474B-A46B-D276866376C3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_28:*:*:*:*:*:*\", \"matchCriteriaId\": \"F6306F9C-99DE-4F94-8E7F-6747762BEC45\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_3\\\\+:*:*:*:*:*:*\", \"matchCriteriaId\": \"2DFF08F0-77C1-43A0-B7DD-9B905BE074EB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_30:*:*:*:*:*:*\", \"matchCriteriaId\": \"48B7015C-26B9-453E-B3CF-9B220D3A8024\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_33:*:*:*:*:*:*\", \"matchCriteriaId\": \"0FEB6921-3C45-4B7E-8B34-CDC34984583D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_35:*:*:*:*:*:*\", \"matchCriteriaId\": \"525F45DC-2E5C-46A8-AEDF-9D6B8FA2EB11\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_36:*:*:*:*:*:*\", \"matchCriteriaId\": \"55755D0C-4C0C-42D9-BE5E-5D33C8BA4C7F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_39:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB4FE0F9-EB19-45D7-A953-674629D951F5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_40:*:*:*:*:*:*\", \"matchCriteriaId\": \"22E4B63F-01A9-4F85-92BC-A51F41BE4121\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_41:*:*:*:*:*:*\", \"matchCriteriaId\": \"23BE441D-8770-4F4D-86CD-4E53161F54FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_42:*:*:*:*:*:*\", \"matchCriteriaId\": \"E14FF010-3907-4C79-B945-C792E446CB31\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_43:*:*:*:*:*:*\", \"matchCriteriaId\": \"B97B5817-B55E-485D-9747-3A50CF7245C8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_44:*:*:*:*:*:*\", \"matchCriteriaId\": \"19EBD671-56BD-45D3-9248-DAF3F47B36FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_45:*:*:*:*:*:*\", \"matchCriteriaId\": \"93EDC2A1-9622-44DB-ABA8-754D61B60787\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_46:*:*:*:*:*:*\", \"matchCriteriaId\": \"B4B6A06D-C323-431C-9A65-4FD6A6E4CAB6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_47:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE6D4466-1C3A-4D5A-A65C-A30A87EADF1A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_48:*:*:*:*:*:*\", \"matchCriteriaId\": \"4F0BC40A-8E13-4665-A2E4-F5815CA70E17\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_49:*:*:*:*:*:*\", \"matchCriteriaId\": \"11FB69C3-7755-495A-AB76-201AF4D9623B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_50:*:*:*:*:*:*\", \"matchCriteriaId\": \"FF66F652-6C08-4D47-865D-36E70360B632\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_51:*:*:*:*:*:*\", \"matchCriteriaId\": \"17B68D59-0509-4C6A-B803-03A02EB76F1F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_52:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F69B287-3B86-4B64-BCB4-40E9495A628D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_53:*:*:*:*:*:*\", \"matchCriteriaId\": \"C627090E-A1BF-4332-9538-EE4E184DB65E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_54:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A089471-9944-4C75-A25F-1F23C18C0CF0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_56:*:*:*:*:*:*\", \"matchCriteriaId\": \"B90E7FBF-6B5B-457A-8B20-ECA69A626BB8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_57:*:*:*:*:*:*\", \"matchCriteriaId\": \"1975C1AB-EF50-42E2-9879-17FB763B45F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_58:*:*:*:*:*:*\", \"matchCriteriaId\": \"DFB7BB13-773B-47A6-A001-B9EBA46C917E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_59:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C4A2D39-3725-4E80-9F3F-AC1F4EE662E8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_60:*:*:*:*:*:*\", \"matchCriteriaId\": \"BAEDF88B-B9C8-4891-B199-A72C066FC7BF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_61:*:*:*:*:*:*\", \"matchCriteriaId\": \"F768E1DD-3DC6-4783-82DE-D089C7CD3C63\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_64:*:*:*:*:*:*\", \"matchCriteriaId\": \"426EDA92-FE5A-4523-8AAE-1E5D5D67F535\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_65:*:*:*:*:*:*\", \"matchCriteriaId\": \"070CB609-6D4B-4817-9F91-00BD62423E56\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_66:*:*:*:*:*:*\", \"matchCriteriaId\": \"FEE87846-A4CF-47E5-93AA-5D7E2548D28D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_67:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4C11B0E-6D94-4A65-83BE-1E5828710CB9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_68:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1DC73B1-4017-424F-A28D-F54F2FA8ED8C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_69:*:*:*:*:*:*\", \"matchCriteriaId\": \"32B4FD3C-7BB7-4DA2-9A3A-05A6370B9745\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_70:*:*:*:*:*:*\", \"matchCriteriaId\": \"71293E5B-4DCC-47BC-A493-3540D57E6067\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_71:*:*:*:*:*:*\", \"matchCriteriaId\": \"56A8940B-318E-4C6A-9131-A50E90E82C28\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_72:*:*:*:*:*:*\", \"matchCriteriaId\": \"F09B5E82-DC18-4B07-9A05-E433579B4FB5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_73:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE25D189-2D6F-4229-BF09-2CEA0A6C5D50\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_75:*:*:*:*:*:*\", \"matchCriteriaId\": \"36549BE5-DEDB-408A-BFC9-AB00031D45DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_76:*:*:*:*:*:*\", \"matchCriteriaId\": \"E11B8075-4212-41CB-85AC-09FA1CDB86A1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_78:*:*:*:*:*:*\", \"matchCriteriaId\": \"80412DCE-D79F-492A-8788-6A43C4D76D7C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_79:*:*:*:*:*:*\", \"matchCriteriaId\": \"BC7A939F-21D1-4AF1-BAB9-E91DFCFFB7A2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_80:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F2240FC-EDDC-47F5-B713-07FF2D23CE00\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.0:fix_pack_81:*:*:*:*:*:*\", \"matchCriteriaId\": \"5006AAE4-B154-468A-850C-20171965E2AC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"980981E7-41E3-4F67-A90C-4460BE4CA62A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_1:*:*:*:*:*:*\", \"matchCriteriaId\": \"392B783D-620D-4C71-AAA0-848B16964A27\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_10:*:*:*:*:*:*\", \"matchCriteriaId\": \"4F5A94E2-22B7-4D2D-A491-29F395E727C5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_11:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9B10908-C42B-4763-9D47-236506B0E84A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_12:*:*:*:*:*:*\", \"matchCriteriaId\": \"CF544435-36AC-49B8-BA50-A6B6D1678BBC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_13:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D265542-5333-4CCD-90E5-B5F6A55F9863\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_14:*:*:*:*:*:*\", \"matchCriteriaId\": \"1763CD8B-3ACD-4617-A1CA-B9F77A074977\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_15:*:*:*:*:*:*\", \"matchCriteriaId\": \"F25C66AA-B60D-413C-A848-51E12D6080AC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_16:*:*:*:*:*:*\", \"matchCriteriaId\": \"071A0D53-EC95-4B18-9FA3-55208B1F7B94\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_2:*:*:*:*:*:*\", \"matchCriteriaId\": \"3233D306-3F8E-40A4-B132-7264E63DD131\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_3:*:*:*:*:*:*\", \"matchCriteriaId\": \"9EAEA45A-0370-475E-B4CB-395A434DC3A1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_4:*:*:*:*:*:*\", \"matchCriteriaId\": \"39310F05-1DB6-43BA-811C-9CB91D6DCF20\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_5:*:*:*:*:*:*\", \"matchCriteriaId\": \"D6135B16-C89E-4F49-BA15-823E2AF26D68\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_6:*:*:*:*:*:*\", \"matchCriteriaId\": \"CC887BEC-915B-44AC-B473-5448B3D8DCF7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_7:*:*:*:*:*:*\", \"matchCriteriaId\": \"D7A7CC60-C294-41EC-B000-D15AAA93A3D5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_8:*:*:*:*:*:*\", \"matchCriteriaId\": \"022132F8-6E56-4A29-95D6-3B7861D39CDF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.1:fix_pack_9:*:*:*:*:*:*\", \"matchCriteriaId\": \"651DA9B7-9C11-47A7-AF5C-95625C8FFF6A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"597580A0-6E74-41D5-9242-9187AF618AD8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.2:fix_pack_1:*:*:*:*:*:*\", \"matchCriteriaId\": \"AFCF99EC-3384-418D-A419-B9DB607BE371\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.2:fix_pack_2:*:*:*:*:*:*\", \"matchCriteriaId\": \"31E05134-A0C5-4937-A228-7D0884276B67\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:dxp:7.2:fix_pack_3:*:*:*:*:*:*\", \"matchCriteriaId\": \"3F06C4AD-FD20-4345-8386-0895312F0A00\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.3.0\", \"matchCriteriaId\": \"8B61E29C-3071-41EF-9774-185F91282DEB\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Liferay Portal before 7.3.0, and Liferay DXP 7.0 before fix pack 89, 7.1 before fix pack 17, and 7.2 before fix pack 4, does not safely test a connection to a LDAP server, which allows remote attackers to obtain the LDAP server\u0027s password via the Test LDAP Connection feature.\"}, {\"lang\": \"es\", \"value\": \"Liferay Portal versiones anteriores a 7.3.0, y Liferay DXP versi\\u00f3n 7.0 anterior al paquete de correcci\\u00f3n 89, versi\\u00f3n 7.1 anterior al paquete de correcci\\u00f3n 17, y versi\\u00f3n 7.2 anterior al paquete de correcci\\u00f3n 4, no prueba de forma segura una conexi\\u00f3n a un servidor LDAP, lo que permite a los atacantes remotos obtener la contrase\\u00f1a del servidor LDAP a trav\\u00e9s de la funci\\u00f3n Probar conexi\\u00f3n LDAP\"}]",
      "id": "CVE-2020-15841",
      "lastModified": "2024-11-21T05:06:17.933",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"cve@mitre.org\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\", \"baseScore\": 8.3, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.6, \"impactScore\": 6.0}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:N/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2020-07-20T02:15:11.347",
      "references": "[{\"url\": \"https://issues.liferay.com/browse/LPE-16928\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/119317439\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://issues.liferay.com/browse/LPE-16928\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/119317439\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-15841\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2020-07-20T02:15:11.347\",\"lastModified\":\"2025-08-15T20:21:27.623\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Liferay Portal before 7.3.0, and Liferay DXP 7.0 before fix pack 89, 7.1 before fix pack 17, and 7.2 before fix pack 4, does not safely test a connection to a LDAP server, which allows remote attackers to obtain the LDAP server\u0027s password via the Test LDAP Connection feature.\"},{\"lang\":\"es\",\"value\":\"Liferay Portal versiones anteriores a 7.3.0, y Liferay DXP versi\u00f3n 7.0 anterior al paquete de correcci\u00f3n 89, versi\u00f3n 7.1 anterior al paquete de correcci\u00f3n 17, y versi\u00f3n 7.2 anterior al paquete de correcci\u00f3n 4, no prueba de forma segura una conexi\u00f3n a un servidor LDAP, lo que permite a los atacantes remotos obtener la contrase\u00f1a del servidor LDAP a trav\u00e9s de la funci\u00f3n Probar conexi\u00f3n LDAP\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cve@mitre.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\",\"baseScore\":8.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.6,\"impactScore\":6.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:N/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"4614C87F-F39C-4ADD-A7A2-4A498612AD38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_13:*:*:*:*:*:*\",\"matchCriteriaId\":\"70E12054-0DEE-4B92-B8F6-7DC4B2461113\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_14:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B566A51-3EFC-4A08-8A4F-A9AA43FBE481\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_24:*:*:*:*:*:*\",\"matchCriteriaId\":\"F220793A-FDAC-48C6-B299-39EB3BC077A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_25:*:*:*:*:*:*\",\"matchCriteriaId\":\"F095A9E1-5FE1-46C4-B0E1-97F8767439D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_26:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFD748DD-6FDB-44CD-96BF-026D18CE4207\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_27:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A34F2EA-D0F7-4C9B-BFE6-DA334DFD0EDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_28:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B3C2426-7617-4535-B86A-7F9BA45DFD0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA6B2500-42E4-4F87-8B93-2F7399B4F611\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_30:*:*:*:*:*:*\",\"matchCriteriaId\":\"28955834-8E02-4558-ABD3-4958DBB41423\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_33:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4206C84-C4BD-4363-A4CA-EE229CE06319\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_35:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F644864-1056-4A0C-ADD7-A1992A0AC07D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_36:*:*:*:*:*:*\",\"matchCriteriaId\":\"91E9BAE9-CD40-4353-95DB-7D9ADC338F95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_39:*:*:*:*:*:*\",\"matchCriteriaId\":\"661E68A2-B365-4962-87CF-CE17A500889F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_40:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5D28279-002A-4BC7-9396-E47FC842D7AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_41:*:*:*:*:*:*\",\"matchCriteriaId\":\"C700ED72-4626-48A0-B1BB-E0A7C12D454F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_42:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F473DF1-F70D-4EDB-A011-C8D1C6A21659\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_43:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2351EAC-F6AD-4611-B9BD-39C4DFE85B5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_44:*:*:*:*:*:*\",\"matchCriteriaId\":\"357845C1-3834-465A-B9CA-F9C604AA8242\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_45:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD35964D-4156-45B8-A0AB-282DA9F4FA47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_46:*:*:*:*:*:*\",\"matchCriteriaId\":\"35656567-EF24-4948-A72A-C754D6E419B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_47:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9A3D95D-4539-432D-B241-376F312534AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_48:*:*:*:*:*:*\",\"matchCriteriaId\":\"81F329F1-5BB1-42A7-98CE-B0EB5819D60A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_49:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B7111FA-9FD7-4952-AFE1-07D3E14854F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_50:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C7A080F-9C99-41A0-BC63-EBDDC0DF7B8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_51:*:*:*:*:*:*\",\"matchCriteriaId\":\"0383C4C4-A7BB-418D-9A98-AC4233722961\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_52:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA281A20-7599-446B-9587-118E920403D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_53:*:*:*:*:*:*\",\"matchCriteriaId\":\"9514E8F5-1D0B-4CDF-BD03-087326F6C252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_54:*:*:*:*:*:*\",\"matchCriteriaId\":\"78BC7D6C-2A10-4F78-9C41-EA97665C246E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_56:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA9BE427-78D7-4DEE-A174-F3E3675B44A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_57:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C10325C-8670-499B-B003-7D8634539C5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_58:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F692BEB-5CB1-41EA-B715-64AB0036F6CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_59:*:*:*:*:*:*\",\"matchCriteriaId\":\"427C4DF5-9039-4CB5-B600-5F965E20D945\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_60:*:*:*:*:*:*\",\"matchCriteriaId\":\"44B7A2A2-5764-4EDB-AA44-25F8508CF128\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_61:*:*:*:*:*:*\",\"matchCriteriaId\":\"55D94917-5360-4179-A017-1287C63A6E6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_64:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D378A23-113D-47AC-9CB5-2658C357FFB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_65:*:*:*:*:*:*\",\"matchCriteriaId\":\"58FB119E-508C-45F7-8AD8-B67AAAEA53D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_66:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B3359A5-D39B-4322-8963-B138D791D232\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_67:*:*:*:*:*:*\",\"matchCriteriaId\":\"E11E2FBD-7541-4CE3-8A78-52FB82571547\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_68:*:*:*:*:*:*\",\"matchCriteriaId\":\"3883F470-8D8D-4CB3-BF4A-0C401BDABC83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_69:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BDCF010-04BF-4FA5-9E14-F6461FED3FFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_70:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E8CEA39-4A7F-4827-91FA-31119201D174\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_71:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3768AC9-A245-4B81-8D1D-9D9C5354245C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_72:*:*:*:*:*:*\",\"matchCriteriaId\":\"71CA65C9-C0FC-4CBD-A8B0-DD72604A46F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_73:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F06DECA-F45D-49DA-BB24-AA1F0306B0B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_75:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FF2D31F-8719-41A6-ADD5-15BE9409428E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_76:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE56F5E5-73CF-4636-9F98-86BDDA3F6A47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_78:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1A0EFCE-4B74-4B4D-AB6E-5730F26B38FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_79:*:*:*:*:*:*\",\"matchCriteriaId\":\"F02DCC86-C3F7-482C-9BFB-B7971FB10AEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_80:*:*:*:*:*:*\",\"matchCriteriaId\":\"06835B0A-A2DF-44D3-A38F-59E5D5523FFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_81:*:*:*:*:*:*\",\"matchCriteriaId\":\"B746D0CF-76F6-42A1-9056-CA9622DCD806\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"27DF695E-B890-42C2-8941-5BB53154755F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"072F6C59-3D86-48D1-A14E-477FFFA3B1D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_10:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE68B4A2-3459-4DBA-8BAC-E9AA9FA25264\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_11:*:*:*:*:*:*\",\"matchCriteriaId\":\"680D7963-1393-4E86-A65F-D4463D532120\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_12:*:*:*:*:*:*\",\"matchCriteriaId\":\"D81E73DD-FD21-4082-A883-34422AE6C024\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_13:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6DD0451-98EA-4140-8294-77A14F063E2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_14:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE94E76B-8CC2-4E91-B7A3-EEBCC1358FF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_15:*:*:*:*:*:*\",\"matchCriteriaId\":\"408BD438-E15C-422F-9612-C62A7387FC63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_16:*:*:*:*:*:*\",\"matchCriteriaId\":\"A78C8B1C-39CB-4C27-B57C-0AF5E7EB50D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"386F0E26-78DC-4D59-A20F-B41D0E59561B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"54576481-2AE9-4133-9EFA-B7FBDCA4427D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"E29CE810-76D5-4283-B102-70344B6C9506\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_5:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA869467-C560-4130-A180-86819F6A8673\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_6:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC0C94B7-31FB-4115-8EDE-62CC459B6663\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_7:*:*:*:*:*:*\",\"matchCriteriaId\":\"07DEAA71-53DA-4508-B7E6-924ABED49E66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_8:*:*:*:*:*:*\",\"matchCriteriaId\":\"467323F6-5CA7-42A0-9810-C6FA694CEC93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_9:*:*:*:*:*:*\",\"matchCriteriaId\":\"32EFFD8A-1C0D-446B-AAD7-5D23D483D3D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DCF7F39-A198-4F7E-84B7-90C88C1BAA96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7E68DF8-749B-4284-A7C9-929701A86B36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CECAA19-8B7F-44C8-8059-6D4F2105E196\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"68CBCEEB-7C28-4769-813F-3F01E33D2E08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.3.0\",\"matchCriteriaId\":\"8B61E29C-3071-41EF-9774-185F91282DEB\"}]}]}],\"references\":[{\"url\":\"https://issues.liferay.com/browse/LPE-16928\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/119317439\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://issues.liferay.com/browse/LPE-16928\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/119317439\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.