Lucene search
K

5 matches found

BDU FSTEC
BDU FSTEC
added 2020/05/08 12:0 a.m.5 views

The vulnerability of the KB Search component of the Oracle Email Center messaging software in the Oracle E-Business Suite, a business automation system, allows a malicious individual to access, modify, add, or delete data, or to gain unauthorized access to protected information.

The vulnerability of the KB Search component of the Oracle Email Center messaging software within the Oracle E-Business Suite system relates to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or to gain...

8.2CVSS7.4AI score0.01282EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2013/05/13 11:55 p.m.2 views

DEBIAN-CVE-2013-1897

The dosearch function in ldap/servers/slapd/search.c in 389 Directory Server 1.2.x before 1.2.11.20 and 1.3.x before 1.3.0.5 does not properly restrict access to entries when the nsslapd-allow-anonymous-access configuration is set to rootdse and the BASE search scope is used, which allows remote...

2.6CVSS6.1AI score0.02096EPSS
Exploits0References1
OSV
OSV
added 2013/05/13 11:55 p.m.2 views

UBUNTU-CVE-2013-1897

The dosearch function in ldap/servers/slapd/search.c in 389 Directory Server 1.2.x before 1.2.11.20 and 1.3.x before 1.3.0.5 does not properly restrict access to entries when the nsslapd-allow-anonymous-access configuration is set to rootdse and the BASE search scope is used, which allows remote...

2.6CVSS5.8AI score0.02096EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2013/04/15 5:47 p.m.3 views

389-ds: unintended information exposure when rootdse is enabled

The dosearch function in ldap/servers/slapd/search.c in 389 Directory Server 1.2.x before 1.2.11.20 and 1.3.x before 1.3.0.5 does not properly restrict access to entries when the nsslapd-allow-anonymous-access configuration is set to rootdse and the BASE search scope is used, which allows remote...

2.6CVSS5.9AI score0.02096EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2001/08/13 12:0 a.m.942 views

LDAP NULL BASE Search Access

The remote LDAP server supports search requests with a NULL, or empty, base object. This allows information to be retrieved without any prior knowledge of the directory structure. Coupled with a NULL BIND, an anonymous user may be able to query your LDAP server using a tool such as 'LdapMiner'...

5.5AI score
Exploits0References1
Rows per page
Query Builder