CVE-2016-2403

Symfony before 2.8.6 and 3.x before 3.0.6 allows remote attackers to bypass authentication by logging in with an empty password and valid username, which triggers an unauthenticated bind.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sensiolabs:symfony:2.8.1:*:*:*:*:*:*:*
cpe:2.3:a:sensiolabs:symfony:2.8.2:*:*:*:*:*:*:*
cpe:2.3:a:sensiolabs:symfony:2.8.3:*:*:*:*:*:*:*
cpe:2.3:a:sensiolabs:symfony:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:sensiolabs:symfony:3.0.5:*:*:*:*:*:*:*
cpe:2.3:a:sensiolabs:symfony:2.8.4:*:*:*:*:*:*:*
cpe:2.3:a:sensiolabs:symfony:2.8.5:*:*:*:*:*:*:*
cpe:2.3:a:sensiolabs:symfony:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:sensiolabs:symfony:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:sensiolabs:symfony:2.8.0:*:*:*:*:*:*:*
cpe:2.3:a:sensiolabs:symfony:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:sensiolabs:symfony:3.0.3:*:*:*:*:*:*:*

Information

Published : 2017-02-07 09:59

Updated : 2018-08-05 18:29


NVD link : CVE-2016-2403

Mitre link : CVE-2016-2403


JSON object : View

CWE
CWE-287

Improper Authentication

Advertisement

dedicated server usa

Products Affected

sensiolabs

  • symfony