CVE-2014-3562

Опубликовано: 07 авг. 2014

Источник: redhat

CVSS2: 7.5

EPSS Низкий

Описание

Red Hat Directory Server 8 and 389 Directory Server, when debugging is enabled, allows remote attackers to obtain sensitive replicated metadata by searching the directory.

It was found that when replication was enabled for each attribute in Red Hat Directory Server / 389 Directory Server, which is the default configuration, the server returned replicated metadata when the directory was searched while debugging was enabled. A remote attacker could use this flaw to disclose potentially sensitive information.

Ссылки на источники

Дополнительная информация

Статус:

Important

Дефект:

CWE-862->CWE-201

https://bugzilla.redhat.com/show_bug.cgi?id=1123477389-ds: unauthenticated information disclosure

EPSS

Процентиль: 53%

0.00307

Низкий

7.5 High

CVSS2

Связанные уязвимости

CVE-2014-3562

ubuntu

около 11 лет назад

Red Hat Directory Server 8 and 389 Directory Server, when debugging is enabled, allows remote attackers to obtain sensitive replicated metadata by searching the directory.

CVE-2014-3562

nvd

около 11 лет назад

Red Hat Directory Server 8 and 389 Directory Server, when debugging is enabled, allows remote attackers to obtain sensitive replicated metadata by searching the directory.

CVE-2014-3562

debian

около 11 лет назад

Red Hat Directory Server 8 and 389 Directory Server, when debugging is ...

GHSA-6vvf-j83f-44mh

github

больше 3 лет назад

Red Hat Directory Server 8 and 389 Directory Server, when debugging is enabled, allows remote attackers to obtain sensitive replicated metadata by searching the directory.

ELSA-2014-1031

oracle-oval

около 11 лет назад

ELSA-2014-1031: 389-ds-base security update (IMPORTANT)

EPSS

Процентиль: 53%

0.00307

Низкий

7.5 High

CVSS2