IAG0110 / LDAP Injection in PegaSystem 8.2 or less (CVE-2019-16374)
Last active August 12, 2020 16:20
# Exploit Title: LDAP Injection in Pegasystem
# Date: 16/09/2019
# Vendor Homepage: https://www.pega.com/
# Version: 8.2 or less
# Tested on: linux
# CVE : CVE-2019-16374
Description: Pega Platform 8.2.1 or less allows LDAP injection because a username can contain a * character and can be of unlimited length. An attacker can specify four characters of a username, followed by the * character, to bypass access
[Additional Information]:
The application allows an asterisk in the username parameter when it is integrated with LDAP. The XSS filter that sanitizes user input at the login function fails to filter out the asterisk '*', which allows this vulnerability to be exploited and leads to a password spraying attack.
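
The following is an added example, not code from this gist or from Pega, showing the mitigation the description implies: cap the username length and escape filter metacharacters per RFC 4515 before the value reaches the LDAP search filter. The `uid` attribute, the 64-character limit, the toy filter evaluator and the sample directory are assumptions made for illustration.

```python
import re

MAX_USERNAME_LEN = 64  # assumed limit; the page only says length was unbounded

# RFC 4515 section 3: these characters must be written as \XX inside a filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value: str) -> str:
    """Escape a string so it is treated as a literal in an LDAP search filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def naive_filter(username: str) -> str:
    """The vulnerable pattern: user input concatenated into the filter as-is."""
    return f"(uid={username})"


def safe_filter(username: str) -> str:
    """Length-check, then escape, before building the filter."""
    if not username or len(username) > MAX_USERNAME_LEN:
        raise ValueError("username empty or too long")
    return f"(uid={escape_filter_value(username)})"


def matching_uids(ldap_filter: str, directory: list[str]) -> list[str]:
    """Toy evaluator for (uid=...) filters: '*' is a wildcard, \\XX is a literal."""
    assertion = re.fullmatch(r"\(uid=(.*)\)", ldap_filter, re.S).group(1)
    pattern = ""
    for token in re.findall(r"\\[0-9a-fA-F]{2}|.", assertion, re.S):
        if token == "*":
            pattern += ".*"  # unescaped asterisk: substring wildcard
        elif len(token) == 3:
            pattern += re.escape(chr(int(token[1:], 16)))  # \XX escape: literal char
        else:
            pattern += re.escape(token)
    return [uid for uid in directory if re.fullmatch(pattern, uid, re.I | re.S)]


# Constructed sample directory, not taken from the page.
DIRECTORY = ["jsmith", "jsmiley", "jsmart", "adoe"]
```

With the naive filter a trailing asterisk resolves to every entry sharing the prefix, while the escaped filter only matches an entry whose name literally contains `*`.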