4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.915 High
EPSS
Percentile
98.9%
CentOS Errata and Security Advisory CESA-2017:1852
OpenLDAP is an open-source suite of Lightweight Directory Access Protocol (LDAP) applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap packages contain configuration files, libraries, and documentation for OpenLDAP.
The following packages have been upgraded to a later upstream version: openldap (2.4.44). (BZ#1386365)
Security Fix(es):
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-cr-announce/2017-August/030682.html
Affected packages:
openldap
openldap-clients
openldap-devel
openldap-servers
openldap-servers-sql
Upstream details at:
https://access.redhat.com/errata/RHSA-2017:1852
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 7 | i686 | openldap | < 2.4.44-5.el7 | openldap-2.4.44-5.el7.i686.rpm |
CentOS | 7 | x86_64 | openldap | < 2.4.44-5.el7 | openldap-2.4.44-5.el7.x86_64.rpm |
CentOS | 7 | x86_64 | openldap-clients | < 2.4.44-5.el7 | openldap-clients-2.4.44-5.el7.x86_64.rpm |
CentOS | 7 | i686 | openldap-devel | < 2.4.44-5.el7 | openldap-devel-2.4.44-5.el7.i686.rpm |
CentOS | 7 | x86_64 | openldap-devel | < 2.4.44-5.el7 | openldap-devel-2.4.44-5.el7.x86_64.rpm |
CentOS | 7 | x86_64 | openldap-servers | < 2.4.44-5.el7 | openldap-servers-2.4.44-5.el7.x86_64.rpm |
CentOS | 7 | x86_64 | openldap-servers-sql | < 2.4.44-5.el7 | openldap-servers-sql-2.4.44-5.el7.x86_64.rpm |
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.915 High
EPSS
Percentile
98.9%