CISA Thorium LDAP injection_CVE-2025-35431

5.4 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Description

CISA Thorium does not escape user controlled strings used in LDAP queries. An authenticated remote attacker can modify LDAP authorization data such as group memberships. Fixed in 1.1.1.

Basic Information

ID CVE-2025-35431

Source cisa-cg

Published Sep 17, 2025 at 16:52

Affected Product

Vendor CISA

Product Thorium

Version 1.0.0

Affected Versions CISA Thorium 1.0.0

CWE Classification

CWE-90

References

{
    "lastseen": "",
    "description": "CISA Thorium does not escape user controlled strings used in LDAP queries. An authenticated remote attacker can modify LDAP authorization data such as group memberships. Fixed in 1.1.1.",
    "published": "2025-09-17T16:52:16.293Z",
    "modified": "2025-09-17T16:52:16.293Z",
    "type": "cve",
    "title": "CISA Thorium LDAP injection",
    "source": "cisa-cg",
    "references": "https://github.com/cisagov/thorium/releases/tag/1.1.1\nhttps://github.com/cisagov/thorium/commit/7c94a0b9bc2dc55e0c307360452f348bac06820c#diff-45e1e58dfb6faacf9efe778c31ead287d8e13ae07c5dad084c792bc4a0605a68R1007-R1008\nhttps://www.cve.org/CVERecord?id=CVE-2025-35431\nhttps://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-259-01.json",
    "id": "CVE-2025-35431",
    "bulletinFamily": "",
    "cwe": [
        "CWE-90"
    ],
    "cvelist": null,
    "sourceData": "CISA Thorium 1.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.4,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Thorium",
    "version": "1.0.0",
    "vendor": "CISA",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}