Improper Authentication
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-287: Improper Authentication |
| OWASP | A02:2017 - Broken Authentication |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description#
The code is binding to an LDAP server without providing a password, allowing anonymous access. This means anyone can connect to your LDAP server without authentication.
Impact#
If exploited, attackers could access or query sensitive directory information without valid credentials. This can lead to data exposure, unauthorized access to user details, or facilitate further attacks against your application or infrastructure.