A malicious authenticated SMG administrator user can obtain passwords for external LDAP/Active Directory servers that they might not otherwise be authorized to access.Referenceshttps://support.broadcom.com/external/content/SecurityAdvisories/0/20652
