CVE-2014-8764

Severity CVSS v4.0:
Pending analysis
Type:
CWE-287 Authentication Issues
Publication date:
22/10/2014
Last modified:
12/04/2025

Description

DokuWiki 2014-05-05a and earlier, when using Active Directory for LDAP authentication, allows remote attackers to bypass authentication via a user name and password starting with a null (\0) character, which triggers an anonymous bind.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:mageia_project:mageia:3.0:*:*:*:*:*:*:*
cpe:2.3:o:mageia_project:mageia:4.0:*:*:*:*:*:*:*
cpe:2.3:a:dokuwiki:dokuwiki:*:*:*:*:*:*:*:* 2013-12-08 (including)