5 matches found
Information Exposure
389-ds-base is vulnerable to Information Exposure. The vulnerability is due to LDAP mistakenly decoding the userPassword attribute instead of the userCertificate attribute, potentially leading to the leakage of sensitive information. An attacker with local access to a system running cockpit-389-d...
CVE-2023-1055
A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An attacker with a local account where the cockpit-389-ds is running can list the processes...
CVE-2023-1055
A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An attacker with a local account where the cockpit-389-ds is running can list the processes...
CVE-2023-1055
A flaw was found in RHDS 11 and 12. While browsing entries, LDAP tries to decode the userPassword attribute instead of the userCertificate attribute, which could lead into sensitive information being leaked. This issue could allow an attacker with a local account with cockpit-389-ds running to li...
PT-2023-16722 · Red Hat +1 · Rhds +1
Name of the Vulnerable Software and Affected Versions: RHDS versions 11 through 12 Description: A flaw was found in RHDS where LDAP tries to decode the userPassword attribute instead of the userCertificate attribute, potentially leading to sensitive information leakage. An attacker with a local...