CRITICAL
Pardus
CVE published 2021-10-01
CVE-2021-3825
CVE-2021-3825 is a critical authentication and data exposure issue in the Lider module of LiderAhenk. According to the CVE description and NVD data, versions 2.1.15 and below expose an unsecured configuration API that can leak configuration data, including valid LDAP credentials. Because those credentials can unlock broader directory and identity access, the impact can extend well beyond the original API exposure.