Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Veracode
Veracodeadded 2024/01/13 5:37 a.m.17 views

Information Exposure

389-ds-base is vulnerable to Information Exposure. The vulnerability is due to LDAP mistakenly decoding the userPassword attribute instead of the userCertificate attribute, potentially leading to the leakage of sensitive information. An attacker with local access to a system running cockpit-389-d...

5.5CVSS6.6AI score0.00063EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessusadded 2023/07/26 12:0 a.m.19 views

Fedora 38 : 389-ds-base (2023-c92be0dfa0)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-c92be0dfa0 advisory. Bump version to 2.3.5 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

5.5CVSS5.7AI score0.00063EPSS
Exploits0References2
NVD
NVDadded 2023/02/27 10:15 p.m.9 views

CVE-2023-1055

A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An attacker with a local account where the cockpit-389-ds is running can list the processes...

5.5CVSS5AI score0.00063EPSS
Exploits0References2
UbuntuCve
UbuntuCveadded 2023/02/27 10:15 p.m.19 views

CVE-2023-1055

A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An attacker with a local account where the cockpit-389-ds is running can list the processes...

5.5CVSS6AI score0.00063EPSS
Exploits0References3
OSV
OSVadded 2023/02/27 10:15 p.m.0 views

UBUNTU-CVE-2023-1055

A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An attacker with a local account where the cockpit-389-ds is running can list the processes...

5.5CVSS5.8AI score0.00063EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2023/02/27 10:59 a.m.27 views

CVE-2023-1055

A flaw was found in RHDS 11 and 12. While browsing entries, LDAP tries to decode the userPassword attribute instead of the userCertificate attribute, which could lead into sensitive information being leaked. This issue could allow an attacker with a local account with cockpit-389-ds running to li...

5.5CVSS5AI score0.00063EPSS
Exploits0References3
CVE
CVEadded 2023/02/27 12:0 a.m.84 views

CVE-2023-1055

CVE-2023-1055 affects RHDS 11/12 and Red Hat Directory Server components (389-ds-base). The issue occurs when LDAP browsing entries decodes userPassword instead of userCertificate, leaking sensitive information. A local attacker with a cockpit-389-ds process can list processes and display hashed ...

5.5CVSS4.9AI score0.00063EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder