Vulnerability CVE-2022-37397
Published: 2022-08-12

Description:
An issue was discovered in the YugabyteDB 2.6.1 when using LDAP-based authentication in YCQL with Microsoft??s Active Directory. When anonymous or unauthenticated LDAP binding is enabled, it allows bypass of authentication with an empty password.

 References:
https://www.yugabyte.com/
Copyright 2026, cxsecurity.com

 

Back to Top