CVE-2021-3514

Опубликовано: 28 мая 2021

Источник: nvd

CVSS3: 6.5

CVSS2: 4

EPSS Низкий

Описание

When using a sync_repl client in 389-ds-base, an authenticated attacker can cause a NULL pointer dereference using a specially crafted query, causing a crash.

Ссылки

https://github.com/389ds/389-ds-base/issues/4711
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html
https://github.com/389ds/389-ds-base/issues/4711
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:redhat:389_directory_server:-:*:*:*:*:*:*:*

EPSS

Процентиль: 33%

0.00124

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-476

Связанные уязвимости

CVE-2021-3514

CVSS3: 6.5

ubuntu

около 4 лет назад

When using a sync_repl client in 389-ds-base, an authenticated attacker can cause a NULL pointer dereference using a specially crafted query, causing a crash.

CVE-2021-3514

CVSS3: 6.5

redhat

больше 4 лет назад

When using a sync_repl client in 389-ds-base, an authenticated attacker can cause a NULL pointer dereference using a specially crafted query, causing a crash.

CVE-2021-3514

CVSS3: 6.5

debian

около 4 лет назад

When using a sync_repl client in 389-ds-base, an authenticated attacke ...

openSUSE-SU-2021:0868-1

suse-cvrf

около 4 лет назад

Security update for 389-ds

SUSE-SU-2021:1878-1

suse-cvrf

около 4 лет назад

Security update for 389-ds

EPSS

Процентиль: 33%

0.00124

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-476