CVE-2024-9102

EUVD-2024-50429
phpLDAPadmin since at least version 1.2.0 through the latest version 1.2.6.7 allows users to export elements from the LDAP directory into a Comma-Separated Value (CSV) file, but it does not neutralize special elements that could be interpreted as a command when the file is opened by a spreadsheet product. Thus, this could lead to CSV Formula Injection. NOTE: This vulnerability will not be addressed; the maintainer's position is that it is not the intention of phpLDAPadmin to control what data Administrators can put in their LDAP database, nor filter it on export.
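Since the export is not filtered upstream, one mitigation is to neutralize cells after export and before the file is opened in a spreadsheet. The following is an added example, not phpLDAPadmin code: it prefixes an apostrophe to any cell that starts with one of the trigger characters listed in OWASP's CSV Injection guidance. The function names and the sample export are constructed for illustration.

```python
import csv
import io

# Leading characters that spreadsheet applications treat as the start of a
# formula (the set listed in OWASP's CSV Injection guidance).
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")


def neutralize_cell(value: str) -> str:
    """Prefix a formula-looking cell with an apostrophe so it is shown as text."""
    if value.startswith(FORMULA_TRIGGERS):
        return "'" + value
    return value


def sanitize_csv(text: str) -> str:
    """Re-emit CSV text with every cell neutralized and fully quoted."""
    reader = csv.reader(io.StringIO(text, newline=""))
    out = io.StringIO(newline="")
    # QUOTE_ALL keeps embedded commas and quotes inside their own cell, so a
    # value cannot break out and start a new cell.
    writer = csv.writer(out, quoting=csv.QUOTE_ALL, lineterminator="\n")
    for row in reader:
        writer.writerow([neutralize_cell(cell) for cell in row])
    return out.getvalue()


# Constructed sample export: attribute values are illustrative, not from the page.
SAMPLE_EXPORT = (
    '"dn","cn","description"\n'
    '"cn=alice,dc=example,dc=org","alice","regular entry"\n'
    '"cn=bob,dc=example,dc=org","=1+1","@SUM(A1:A2)"\n'
    '"cn=carol,dc=example,dc=org","carol","-2+3, with ""quotes"""\n'
)

if __name__ == "__main__":
    print(sanitize_csv(SAMPLE_EXPORT), end="")
```

The output is meant for viewing in a spreadsheet; legitimate values such as negative numbers also gain the apostrophe, so keep the original export for any re-import.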
| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NCSC.ch | CNA | 5 MEDIUM | LOCAL | LOW | LOW | CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:H/SI:H/SA:L |
EPSS Score
Percentile: 34%
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| phpldapadmin_project | phpldapadmin | 1.2.0 | CNA |
| phpldapadmin_project | phpldapadmin | 1.2.6.7 | CNA |
Debian Releases
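| Debian Product | Codename | Status |
|---|---|---|
| phpldapadmin | bookworm | unimportant |
| phpldapadmin | forky | unimportant |
| phpldapadmin | sid | unimportant |
| phpldapadmin | trixie | unimportant |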
Ubuntu Releases
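| Ubuntu Product | Codename | Status |
|---|---|---|
| phpldapadmin | bionic | needs-triage |
| phpldapadmin | focal | needs-triage |
| phpldapadmin | jammy | needs-triage |
| phpldapadmin | noble | needs-triage |
| phpldapadmin | oracular | ignored |
| phpldapadmin | plucky | needs-triage |
| phpldapadmin | questing | needs-triage |
| phpldapadmin | xenial | needs-triage |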