IP
HD-Analogue
Thermal Imaging
LCD/TFT
C-WERK
Others
Housing & Bracket
Lens
PC Accessories
System Keyboard
Transmission
Title: Incorrect Evaluation of LDAP Nested Groups during Login Date: 2025-01-19 Product Affected: C-Werk, all versions before 2.0.2 Fixed: C-Werk 2.0.2
1. Description
The LDAP authentication engine failed to fully resolve nested group memberships when evaluating access permissions, resulting in legitimate users being denied access or being misassigned roles.
2. Solutions and mitigations
LDAP resolution logic was updated to recursively parse and flatten nested group structures before evaluating role binding.
Upgrade to version 2.0.2 or newer. Ensure external LDAP directory structures are regularly audited for correct nesting and role mapping.
Back to the list