LDAP Injection
Description
LDAP injection occurs when untrusted input is placed into an LDAP query without being properly sanitized, letting an attacker alter the structure of the query and thereby influence which data the LDAP server returns.
Examples
Insecure Code

```java
// Untrusted input is concatenated straight into the filter string, so filter
// metacharacters in userQuery can change the structure of the query.
ldapContext.search("dc=example,dc=org", "(cn=" + userQuery + ")", searchControls);
```

Secure Code

```java
// The value is passed as a filter argument: JNDI substitutes it for {0} and
// escapes filter metacharacters, so it is only ever matched as data.
Object[] searchArguments = new Object[]{userQuery};
NamingEnumeration<SearchResult> answer = ldapContext.search(
        "dc=example,dc=org", "(cn={0})", searchArguments, searchControls);
```

Remediation
To fix this issue, ensure that all user input is properly encoded before it is used in an LDAP query. This can be achieved by passing the value through the `filterArgs` parameter of the `search` method or by manually encoding the input with a function such as `encodeLDAPString`.
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0710 |
| Category | Injection |
| Severity | HIGH |
| CWE | CWE-90 |
| Confidence | HIGH |
| Impact | HIGH |
| Likelihood | MEDIUM |
| Exploitability | EASY |
| Tags | ldap, injection |
| OWASP | A1:2017-Injection, A03:2021-Injection |