CVE-2026-42568
Deferred Deferred - Pending Action

LDAP Injection in Yamcs Framework

Vulnerability report for CVE-2026-42568, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-10

Last updated on: 2026-06-10

Assigner: GitHub, Inc.

Description

Yamcs is a mission control framework. Prior to versions 5.13.0 and 5.12.7, an LDAP injection vulnerability exists in `org.yamcs.security.LdapAuthModule` when constructing search filters. The username parameter is inserted directly into the LDAP filter without proper RFC 4515 escaping. Versions 5.13.0 and 5.12.7 patch the issue.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-10
Last Modified
2026-06-10
Generated
2026-07-01
AI Q&A
2026-06-11
EPSS Evaluated
2026-06-30
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
yamcs yamcs to 5.12.7|end_excluding=5.13.0 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-90 The product constructs all or part of an LDAP query using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended LDAP query when it is sent to a downstream component.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is an LDAP injection issue found in the Yamcs mission control framework, specifically in the LdapAuthModule component. Before versions 5.13.0 and 5.12.7, the username parameter was directly inserted into LDAP search filters without proper escaping according to RFC 4515. This improper handling allows an attacker to manipulate the LDAP query by injecting malicious input.

Impact Analysis

The LDAP injection vulnerability can allow an attacker with some level of privileges to manipulate LDAP queries, potentially bypassing authentication controls or accessing unauthorized information. The CVSS score of 4.3 indicates a low to medium severity impact, primarily affecting confidentiality but not integrity or availability.

Mitigation Strategies

To mitigate this LDAP injection vulnerability in Yamcs, you should upgrade to versions 5.13.0 or 5.12.7, where the issue has been patched.

Compliance Impact

The vulnerability is an LDAP injection in Yamcs versions prior to 5.13.0 and 5.12.7, which allows improper handling of the username parameter in LDAP search filters.

This vulnerability could potentially lead to unauthorized access or information disclosure through LDAP queries, which may impact the confidentiality of user data.

Since GDPR and HIPAA require protection of personal and sensitive data, exploitation of this vulnerability might result in non-compliance due to possible data exposure or unauthorized access.

However, the CVE description does not explicitly mention compliance impacts or regulatory considerations.

Detection Guidance

This vulnerability is an LDAP injection in the Yamcs LdapAuthModule caused by improper escaping of the username parameter in LDAP search filters.

To detect this vulnerability on your system, you should check if your Yamcs deployment is using versions prior to 5.13.0 or 5.12.7 and if it is configured to use org.yamcs.security.LdapAuthModule for authentication.

Detection can involve monitoring LDAP authentication requests for unusual or specially crafted usernames containing LDAP special characters such as '*', '(', or ')', which could indicate attempts to exploit the injection.

Since the vulnerability involves LDAP filters constructed without proper escaping, you can attempt to test the authentication mechanism by sending LDAP authentication requests with usernames containing special characters to see if unauthorized access or unexpected behavior occurs.

Specific commands are not provided in the available resources, but general approaches include:

  • Using LDAP query monitoring tools or logs to identify suspicious LDAP filter patterns.
  • Testing authentication endpoints with usernames containing LDAP special characters (e.g., '*', '(', ')') to observe if the system improperly authenticates or returns unexpected results.
  • Checking the Yamcs version installed by running commands like `yamcs --version` or inspecting the deployment package to verify if it is older than 5.13.0 or 5.12.7.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-42568. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart