Vulnerability: Alerta < 8.1.0 - Authentication Bypass

Alerta prior to version 8.1.0 is prone to authentication bypass when using LDAP as an authorization provider and the LDAP server accepts Unauthenticated Bind requests.

Impact

Successful exploitation of this vulnerability allows an attacker to bypass authentication and gain unauthorized access to Alerta.

Severity

critical

Verified

Unknown