LDAP anonymous binds

Description

The remote LDAP server allows anonymous binds. Anonymous binds (or NULL binds) permits an attacker to anonymously access information from the LDAP directory.

Remediation

If you are not using this service, it is recommended to disable it. Otherwise, it is recommended to disable anonymous binds.

References
Severity
Classification
Tags
  • Information Disclosure  Configuration  Network Alert