A critical security vulnerability (CVE-2022-46337) in Apache Derby, an open-source relational database implemented entirely in Java, has exposed systems to authentication bypass attacks via LDAP injection. The flaw, rated with a CVSS score of 9.1, enables attackers to craft malicious usernames that circumvent LDAP authentication checks, potentially granting unauthorized access to sensitive data and database […]
The post Apache Derby Vulnerability Let Attackers Bypass Authentication with LDAP Injection appeared first on Cyber Security News.
This article has been indexed from Cyber Security News