DETECTION OVERVIEW

LDAP Plaintext Authentication

Risk Factors

LDAP servers can be misconfigured to accept plaintext usernames and passwords over unencrypted connections. This type of misconfiguration increases the risk of exposing plaintext passwords to attackers that capture traffic through network sniffing.

Kill Chain

Hardening

Risk Score

Attack Background

Mitigation Options

Install the update released on March 10, 2020 and then add the recommended configurations for LDAP channel binding and LDAP signings (see Microsoft KB4520412)

If you are unable to install the update, make the recommended changes provided in the Microsoft Security Advisory, ADV190023

Disable Simple or SASL-PLAIN Bind authentication on LDAP servers and implement stronger authentication frameworks

MITRE ATT&CK ID

T1040
T1078

Professional Services

Partners

Partner Login

Partner Finder

View All Use Cases

View All Industries

View All Integrations

Attack Background

Mitigation Options

MITRE ATT&CK ID

What else can RevealX do for you?

View our Periodic Table of use cases