OVAL Reference oval:com.ubuntu.cosmic:def:2018114070000000

Oval Definition:

oval:com.ubuntu.cosmic:def:2018114070000000

Revision Date:	2018-06-13	Version:	1
Title:	CVE-2018-11407 on Ubuntu 18.10 (cosmic) - medium.
Description:	An issue was discovered in the Ldap component in Symfony 2.8.x before 2.8.37, 3.3.x before 3.3.17, 3.4.x before 3.4.7, and 4.0.x before 4.0.7. It allows remote attackers to bypass authentication by logging in with a "null" password and valid username, which triggers an unauthenticated bind. NOTE: this issue exists because of an incomplete fix for CVE-2016-2403.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2018-11407
Platform(s):	Ubuntu 18.10	Product(s):
Definition Synopsis
Ubuntu 18.10 (cosmic) is installed. AND symfony package in cosmic, is related to the CVE in some way and has been fixed (note: '3.4.15+dfsg-2ubuntu4').