Lucene search
+L

25 matches found

cve
cve
added 2019/11/08 2:45 p.m.142 views

CVE-2019-14824

CVE-2019-14824 affects 389-ds-base and its deref plugin, enabling an authenticated attacker to disclose attribute values by abusing the search permission (e.g., password hashes). Public details across connected docs confirm the flaw and show patches across multiple distros: Debian (fixed in 1.3.3...

6.5CVSS6.2AI score0.01311EPSS
Exploits0References5Affected Software1
redhat
redhat
added 2019/11/05 9:17 p.m.7 views

389-ds-base: Read permission check bypass via the deref plugin

A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes...

6.5CVSS5.7AI score0.01311EPSS
Exploits0References5
cnvd
cnvd
added 2019/11/05 12:0 a.m.3 views

Red Hat 389 Directory Server deref plugin permission check bypass vulnerability

Red Hat 389 Directory Server formerly known as Fedora Directory Server is an enterprise-class Linux directory server from Red Hat, USA. The server fully supports the LDAPv3 specification and features scalability, multi-master replication, etc. deref is one of the deref plug-ins. A privilege check...

6.5CVSS7.7AI score0.01311EPSS
Exploits0References1
redhatcve
redhatcve
added 2019/11/04 9:25 a.m.31 views

CVE-2019-14824

A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes...

6.5CVSS3AI score0.01311EPSS
Exploits0References4
openvas
openvas
added 2017/04/13 12:0 a.m.21 views

CentOS Update for 389-ds-base CESA-2017:0893 centos6

Check the version of 389-ds-base SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882687";...

6.5CVSS6.8AI score0.02627EPSS
Exploits0References2
Rows per page
Query Builder