Outdated SSL/TLS configurations may expose communication to MITM attacks.
Improper certificate management can lead to security vulnerabilities.
Susceptible to brute-force attacks without account lockout policies.
Use TLS 1.2 or higher for encrypted LDAP communication.
Require client-side certificates for additional security.
Implement strong authentication mechanisms and rate limiting.
Regularly monitor and audit LDAP traffic for anomalies.
Repeated failed login attempts against LDAP accounts.
Unauthorized access to directory entries or modification of permissions.
Expired, mismatched, or self-signed SSL/TLS certificates in use.
Last updated 1 year ago
