Vulnerability reproduced: LDAP anonymous bind accepted empty password