
CVE-2022-42132: n/a in n/a

Severity: Medium
Published: Tue Nov 15 2022 (11/15/2022, 00:00:00 UTC)
Source: CVE
Vendor/Project: n/a
Product: n/a

Description

The Test LDAP Users functionality in Liferay Portal 7.0.0 through 7.4.3.4, and Liferay DXP 7.0 fix pack 102 and earlier, 7.1 before fix pack 27, 7.2 before fix pack 17, 7.3 before update 4, and DXP 7.4 GA includes the LDAP credential in the page URL when paginating through the list of users, which allows man-in-the-middle attackers or attackers with access to the request logs to see the LDAP credential.

AI-Powered Analysis

Last updated: 06/25/2025, 06:34:59 UTC

Technical Analysis

CVE-2022-42132 is a medium-severity information disclosure vulnerability affecting multiple versions of Liferay Portal (7.0.0 through 7.4.3.4) and Liferay DXP (7.0 fix pack 102 and earlier, 7.1 before fix pack 27, 7.2 before fix pack 17, 7.3 before update 4, and DXP 7.4 GA). The vulnerability arises from the 'Test LDAP Users' functionality, which is designed to verify LDAP configurations by paginating through a list of users. During this pagination process, the LDAP credentials are included in the URL parameters of the web page. This practice exposes sensitive LDAP credentials in the URL, which can be captured by man-in-the-middle (MitM) attackers intercepting network traffic or by attackers with access to server or proxy request logs. Since URLs are often logged by web servers, proxies, and browser histories, this leakage significantly increases the risk of credential compromise. The vulnerability is classified under CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor). According to the CVSS v3.1 scoring, it has a score of 5.9 (medium severity) with the vector AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N, indicating that it is remotely exploitable over the network without privileges or user interaction but requires high attack complexity. The impact is primarily on confidentiality, as the LDAP credentials can be disclosed, potentially allowing attackers to access or query the LDAP directory with those credentials. However, the vulnerability does not affect integrity or availability directly. No known exploits are reported in the wild, and no official patches or mitigation links were provided in the source information. The root cause is insecure handling of sensitive credentials in URLs, which is a known anti-pattern in secure web application design.

Potential Impact

For European organizations using affected versions of Liferay Portal or Liferay DXP, this vulnerability poses a significant risk to the confidentiality of LDAP credentials. LDAP directories often serve as central authentication and authorization repositories, containing sensitive user information and access controls. Exposure of LDAP credentials could enable attackers to perform unauthorized directory queries, escalate privileges, or move laterally within the network. This is particularly critical for organizations with strict data protection requirements under GDPR, as unauthorized access to user data could lead to regulatory penalties and reputational damage. The vulnerability is especially concerning in environments where network traffic is not fully encrypted or where internal network monitoring and logging are accessible to multiple parties. Since the vulnerability does not require authentication or user interaction, attackers can exploit it remotely if they can intercept traffic or access logs. The medium CVSS score reflects the moderate ease of exploitation combined with the high confidentiality impact. However, the requirement for high attack complexity (e.g., network interception capabilities) somewhat limits the threat scope. Overall, organizations relying on Liferay for portal services, especially those integrating LDAP for user management, should consider this vulnerability a priority for remediation to protect sensitive directory credentials and maintain compliance with European data protection standards.

Mitigation Recommendations

1. Immediate mitigation should include restricting access to network segments where Liferay Portal/DXP is deployed, ensuring that only trusted and authorized personnel can access the management interfaces and logs.
2. Enforce the use of HTTPS/TLS for all communications to prevent man-in-the-middle interception of URLs containing credentials.
3. Review and sanitize web server, proxy, and application logs to ensure that URLs containing LDAP credentials are not stored or are properly redacted.
4. Upgrade Liferay Portal and DXP to versions beyond those affected, as vendors typically release patches or configuration changes to address such issues; if patches are unavailable, contact Liferay support for guidance or apply custom fixes to prevent credentials from being included in URLs.
5. As a workaround, avoid using the 'Test LDAP Users' functionality in production environments or restrict its use to secure, isolated environments.
6. Implement network-level monitoring to detect unusual LDAP queries or access patterns that may indicate credential misuse.
7. Rotate LDAP credentials immediately if exposure is suspected or confirmed to limit the window of exploitation.
8. Educate administrators and developers on secure handling of credentials, emphasizing never to include sensitive information in URLs or client-side parameters.
9. Consider deploying web application firewalls (WAFs) with rules to detect and block requests exposing credentials in URLs.
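Recommendation 3 above (find and redact URLs that carry credentials in request logs) can be scripted. The following is an added example, not code from Liferay or from this analysis; the query-parameter names it matches (password, credential, secret and similar) and the sample access-log lines are constructed for illustration and are not Liferay's actual parameter names.

```python
import re
from urllib.parse import urlsplit, parse_qsl, urlencode, urlunsplit

# Parameter names treated as credential-bearing. Assumed generic patterns,
# not the real parameter names used by the Liferay 'Test LDAP Users' page.
SENSITIVE_PARAM = re.compile(r"(password|passwd|pwd|credential|secret)", re.I)

# Request line inside a combined-format access log: "METHOD url HTTP/x.y"
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<url>\S+) (?P<proto>HTTP/[\d.]+)"')


def redact_url(url: str) -> tuple[str, list[str]]:
    """Mask values of credential-like query parameters in a URL.

    Returns the rewritten URL and the list of parameter names that were masked.
    Non-sensitive parameters are re-encoded by urlencode, so their escaping
    may differ cosmetically from the original (e.g. %20 becomes +).
    """
    parts = urlsplit(url)
    leaked: list[str] = []
    pairs = []
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if SENSITIVE_PARAM.search(name):
            leaked.append(name)
            value = "REDACTED"
        pairs.append((name, value))
    return urlunsplit(parts._replace(query=urlencode(pairs))), leaked


def redact_log_line(line: str) -> tuple[str, list[str]]:
    """Rewrite one access-log line so the request URL no longer leaks secrets."""
    m = REQUEST_RE.search(line)
    if not m:
        return line, []  # not a recognisable request line; leave untouched
    clean_url, leaked = redact_url(m.group("url"))
    return line[: m.start("url")] + clean_url + line[m.end("url"):], leaked


def scan_log(lines):
    """Return [(redacted_line, leaked_param_names), ...] for a list of lines."""
    return [redact_log_line(line) for line in lines]


# Constructed sample log lines (hypothetical hosts, paths and parameter names).
SAMPLE_LOG = [
    '10.0.0.5 - admin [15/Nov/2022:10:01:22 +0000] "GET /group/control_panel/manage'
    '?p_p_id=example&ldapBindPassword=s3cr3t&cur=2 HTTP/1.1" 200 5123',
    '10.0.0.7 - - [15/Nov/2022:10:02:01 +0000] "GET /web/guest/home HTTP/1.1" 200 812',
]

if __name__ == "__main__":
    for clean, leaked in scan_log(SAMPLE_LOG):
        print(("LEAK " + ",".join(leaked) if leaked else "ok  ") + " | " + clean)
```

Run it over a real log to get a count of leaking requests (useful for deciding whether credential rotation is warranted) and a redacted copy that can be retained safely.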


Technical Details

Data Version: 5.1
Assigner Short Name: mitre
Date Reserved: 2022-10-03T00:00:00.000Z
Cisa Enriched: true
Cvss Version: 3.1
State: PUBLISHED

Threat ID: 682d983bc4522896dcbee1af

Added to database: 5/21/2025, 9:09:15 AM

Last enriched: 6/25/2025, 6:34:59 AM

Last updated: 7/31/2025, 7:13:07 AM
