Lucene search
Fedoraproject389 Directory Server
2 matches found
CVE-2017-7551
389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks during account lockout due to different return codes returned on password attempts.
9.8CVSS8.4AI score0.00394EPSS
CVE-2015-1854
389 Directory Server before 1.3.3.10 allows attackers to bypass intended access restrictions and modify directory entries via a crafted ldapmodrdn call.
7.5CVSS7.1AI score0.00432EPSS