AxxonSoft Axxon One Improper Authentication Vulnerability in LDAP Group Evaluation
Vulnerability
A vulnerability exists in the LDAP authentication engine of AxxonSoft Axxon One versions through 2.0.2 on Windows. Because nested LDAP group memberships are handled improperly during the login process, remote authenticated users can be incorrectly denied access or incorrectly assigned roles.
Impact
This vulnerability can lead to incorrect denial of access or incorrect role assignments, disrupting user access management.
Remediation
Users are advised to upgrade to Axxon One version 2.0.2 or later. Regular audits of external LDAP directory structures for correct nesting and role mapping are also recommended.
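One way to carry out the directory audit recommended above, as an added example that is not AxxonSoft code: it expands nested groups in a constructed directory snapshot, reports circular nesting, and lists users whose mapped roles exist only through nesting. The group names, users and role mapping are hypothetical, and the advisory does not describe how Axxon One itself evaluates groups.

```python
# Constructed snapshot of an external directory: group -> direct members.
# A member that is itself a key is a nested group. All names are hypothetical.
GROUP_MEMBERS = {
    "vms-admins": ["site-leads", "carol"],
    "site-leads": ["alice", "shift-a"],
    "shift-a": ["bob", "site-leads"],   # circular nesting with site-leads
    "vms-operators": ["shift-a", "dave"],
    "vms-viewers": ["erin"],
}
# Constructed role mapping: directory group -> application role.
ROLE_MAP = {"vms-admins": "admin", "vms-operators": "operator",
            "vms-viewers": "viewer"}


def expand(group, members, path=()):
    """Return (users, cycles) reachable from group through nested groups."""
    users, cycles = set(), set()
    for m in members.get(group, []):
        if m not in members:
            users.add(m)                 # leaf entry: a user
        elif m == group or m in path:
            cycles.add((group, m))       # back-edge: m is an ancestor of group
        else:
            u, c = expand(m, members, path + (group,))
            users |= u
            cycles |= c
    return users, cycles


def audit(members=GROUP_MEMBERS, role_map=ROLE_MAP):
    """Compare roles from direct membership with roles after nested expansion."""
    direct, nested, cycles = {}, {}, set()
    for group, role in role_map.items():
        for m in members.get(group, []):
            if m not in members:
                direct.setdefault(m, set()).add(role)
        users, c = expand(group, members)
        cycles |= c
        for u in users:
            nested.setdefault(u, set()).add(role)
    # Roles a user holds only through nesting are the ones to verify by hand.
    depends = {u: sorted(r - direct.get(u, set())) for u, r in nested.items()
               if r - direct.get(u, set())}
    return depends, sorted(cycles)


if __name__ == "__main__":
    nesting_only, circular = audit()
    print("roles that depend on nested membership:", nesting_only)
    print("circular nesting (group, ancestor):", circular)
```

Users listed in the first result are the accounts to test after upgrading, since their access depends entirely on how nested membership is resolved at login.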
Added: Sep 10, 2025, 1:19 PM
Updated: Sep 10, 2025, 1:19 PM
Vulnerability Rating
Custom Algorithm
spread: 0.0
impact: 0.6
exploitability: 5.2
remediation: 7.7
relevance: 0.5
threat: 0.0
urgency: 2.9
incentive: 1.7
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.
