OpenLDAP is vulnerable to a man-in-the-middle attack. During TLS setup, host name verification falls back to matching the certificate's CN when a SAN is present but does not match the server's host name.
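The difference between the CN fallback described above and a strict check in the style of RFC 6125 (SAN entries, when present, are the only names considered), shown as an added example. This is a simplified model and not OpenLDAP's code; the struct, function names and sample host names are constructed for illustration.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed model of a certificate: subject CN plus SAN dNSName entries. */
struct cert_names { const char *cn; const char *san_dns[4]; size_t san_count; };

/* Exact, case-insensitive comparison; wildcard matching is left out. */
static int name_eq(const char *a, const char *b) {
    if (!a || !b) return 0;
    for (; *a && *b; a++, b++)
        if (tolower((unsigned char)*a) != tolower((unsigned char)*b)) return 0;
    return *a == *b;   /* equal only if both strings ended together */
}

static int san_matches(const struct cert_names *c, const char *host) {
    for (size_t i = 0; i < c->san_count; i++)
        if (name_eq(c->san_dns[i], host)) return 1;
    return 0;
}

/* Flawed: SANs exist but none match, and the CN is still accepted. */
int verify_host_cn_fallback(const struct cert_names *c, const char *host) {
    if (san_matches(c, host)) return 1;
    return name_eq(c->cn, host);
}

/* Strict: any SAN dNSName makes the SAN list authoritative; the CN is
 * consulted only when the certificate carries no such entry. */
int verify_host_strict(const struct cert_names *c, const char *host) {
    if (c->san_count > 0) return san_matches(c, host);
    return name_eq(c->cn, host);
}

/* Constructed samples: CN names the LDAP server, SAN names a different host. */
const struct cert_names sample_mismatch = { "ldap.example.com", { "mail.example.com" }, 1 };
const struct cert_names sample_cn_only  = { "ldap.example.com", { NULL }, 0 };

int main(void) {
    const char *host = "ldap.example.com";
    printf("fallback, SAN mismatch: %d\n", verify_host_cn_fallback(&sample_mismatch, host));
    printf("strict,   SAN mismatch: %d\n", verify_host_strict(&sample_mismatch, host));
    printf("strict,   CN only:      %d\n", verify_host_strict(&sample_cn_only, host));
    return 0;
}
```

A client-side regression test for this issue can use the same shape: a certificate whose CN matches the server but whose SAN does not must be rejected.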
CPE

Name | Operator | Version
---|---|---
openldap | eq | 2.4.46__9.el8
lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html
lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/
access.redhat.com/errata/RHBA-2019:3674
bugs.openldap.org/show_bug.cgi?id=9266
bugzilla.redhat.com/show_bug.cgi?id=1740070
kc.mcafee.com/corporate/index?page=content&id=SB10365
www.oracle.com/security-alerts/cpuapr2022.html