Home

Description

CISA Thorium does not escape user controlled strings used in LDAP queries. An authenticated remote attacker can modify LDAP authorization data such as group memberships. Fixed in 1.1.1.

PUBLISHED Reserved 2025-04-15 | Published 2025-09-17 | Updated 2025-09-30 | Assigner cisa-cg




MEDIUM: 5.4CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
MEDIUM: 5.3CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-90 Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')

Product status

Default status
unknown

1.0.0 (custom) before 1.1.1
affected

1.1.1
unaffected

Credits

, OpenAI Security Research

References

github.com/cisagov/thorium/releases/tag/1.1.1 (url)

github.com/...ommit/7c94a0b9bc2dc55e0c307360452f348bac06820c (url)

www.cve.org/CVERecord?id=CVE-2025-35431 (url)

raw.githubusercontent.com/...IT/white/2025/va-25-259-01.json (url)

cve.org (CVE-2025-35431)

nvd.nist.gov (CVE-2025-35431)

Download JSON