2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:N/I:N/A:P
0.025 Low
EPSS
Percentile
90.1%
slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a denial
of service (assertion failure and daemon exit) via an LDAP search query
with attrsOnly set to true, which causes empty attributes to be returned.
Author | Note |
---|---|
jdstrand | Per Debian bug report, you have to be using slapo-translucent and slapo-rwm, so downgrading to βlowβ |