{
  "id": "CVE-2024-25655",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2024-03-18T20:15:08.917",
  "lastModified": "2024-03-19T13:26:46.000",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "Insecure storage of LDAP passwords in the authentication functionality of AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS allows members (with read access to the application database) to decrypt the LDAP passwords of users who successfully authenticate to web management via LDAP."
    },
    {
      "lang": "es",
      "value": "El almacenamiento inseguro de contrase\u00f1as LDAP en la funcionalidad de autenticaci\u00f3n de AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS permite a los miembros (con acceso de lectura a la base de datos de la aplicaci\u00f3n) descifrar las contrase\u00f1as LDAP de los usuarios que se autentican exitosamente en la administraci\u00f3n web a trav\u00e9s de LDAP."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://www.cvcn.gov.it/cvcn/cve/CVE-2024-25655",
      "source": "cve@mitre.org"
    }
  ]
}