Lucene search

K
redhatRedHatRHSA-2021:0599
HistoryFeb 16, 2021 - 6:20 p.m.

(RHSA-2021:0599) Moderate: redhat-ds:11 security and bug fix update

2021-02-1618:20:06
access.redhat.com
49

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

43.8%

Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration, the Administration Server HTTP agent package, and the GUI console packages.

Security Fix(es):

  • 389-ds-base: information disclosure during the binding of a DN (CVE-2020-35518)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • RHDS11: “write” permission of ACI changes ns-slapd’s behavior on search operation (BZ#1909675)
OSVersionArchitecturePackageVersionFilename
RedHatanyx86_64389-ds-base< 1.4.2.12-5.module+el8dsrv+9896+eb95346c389-ds-base-1.4.2.12-5.module+el8dsrv+9896+eb95346c.x86_64.rpm
RedHatanyx86_64389-ds-base-snmp< 1.4.2.12-5.module+el8dsrv+9896+eb95346c389-ds-base-snmp-1.4.2.12-5.module+el8dsrv+9896+eb95346c.x86_64.rpm
RedHatanyx86_64389-ds-base-libs-debuginfo< 1.4.2.12-5.module+el8dsrv+9896+eb95346c389-ds-base-libs-debuginfo-1.4.2.12-5.module+el8dsrv+9896+eb95346c.x86_64.rpm
RedHatanyx86_64389-ds-base-legacy-tools< 1.4.2.12-5.module+el8dsrv+9896+eb95346c389-ds-base-legacy-tools-1.4.2.12-5.module+el8dsrv+9896+eb95346c.x86_64.rpm
RedHatanynoarchcockpit-389-ds< 1.4.2.12-5.module+el8dsrv+9896+eb95346ccockpit-389-ds-1.4.2.12-5.module+el8dsrv+9896+eb95346c.noarch.rpm
RedHatanyx86_64389-ds-base-devel< 1.4.2.12-5.module+el8dsrv+9896+eb95346c389-ds-base-devel-1.4.2.12-5.module+el8dsrv+9896+eb95346c.x86_64.rpm
RedHatanynoarchpython3-lib389< 1.4.2.12-5.module+el8dsrv+9896+eb95346cpython3-lib389-1.4.2.12-5.module+el8dsrv+9896+eb95346c.noarch.rpm
RedHatanyx86_64389-ds-base-snmp-debuginfo< 1.4.2.12-5.module+el8dsrv+9896+eb95346c389-ds-base-snmp-debuginfo-1.4.2.12-5.module+el8dsrv+9896+eb95346c.x86_64.rpm
RedHatanyx86_64389-ds-base-legacy-tools-debuginfo< 1.4.2.12-5.module+el8dsrv+9896+eb95346c389-ds-base-legacy-tools-debuginfo-1.4.2.12-5.module+el8dsrv+9896+eb95346c.x86_64.rpm
RedHatanyx86_64389-ds-base-libs< 1.4.2.12-5.module+el8dsrv+9896+eb95346c389-ds-base-libs-1.4.2.12-5.module+el8dsrv+9896+eb95346c.x86_64.rpm
Rows per page:
1-10 of 121

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

43.8%

Related for RHSA-2021:0599