CVE-2021-29156 Scanner

ForgeRock OpenAM is an open-source Single Sign-On (SSO) product that provides authentication and access management through APIs and web-based interfaces. It is primarily used by organizations to manage user identities and access control across various applications and systems. OpenAM allows users to authenticate with their credentials once and then access multiple resources within an organization without having to sign in again.

CVE-2021-29156 is a vulnerability in ForgeRock OpenAM that allows for LDAP injection via the Webfinger protocol. Hackers can inject queries into the system to steal sensitive data such as password hashes, retrieve session tokens, and access private keys. This vulnerability affects OpenAM products before version 13.5.1 and can be exploited by an unauthenticated attacker.

If the CVE-2021-29156 vulnerability in ForgeRock OpenAM is exploited, it can lead to a variety of security risks for affected organizations. Attackers can steal valuable information, including user credentials, and use it to launch further attacks on the organization. This can result in potential data breaches, financial loss, and reputational damage to businesses.

Securityforeveryone.com provides pro features that enable users to easily and quickly learn about vulnerabilities in their digital assets. By signing up, users can receive alerts for new vulnerabilities like CVE-2021-29156 and take immediate action to protect their systems. This platform offers security professionals and organizations a comprehensive range of tools and services, including risk assessments, vulnerability scanning, penetration testing, and security awareness training. By leveraging these tools, events like CVE-2021-29156 can be proactively addressed and mitigated quickly and effectively.

REFERENCES

• https://bugster.forgerock.org/jira/browse/OPENAM-10135
• https://portswigger.net/research/hidden-oauth-attack-vectors