CVE-2015-5246

Опубликовано: 24 авг. 2015

Источник: redhat

CVSS2: 4.9

EPSS Низкий

Описание

The LDAP Authentication functionality in Foreman might allow remote attackers with knowledge of old passwords to gain access via vectors involving the password lifetime period in Active Directory.

Отчет

Red Hat Product Security determined that this flaw was not a security vulnerability. See the Bugzilla link for more details.

Затронутые пакеты

Платформа	Пакет	Состояние
OpenStack Foreman	foreman	Not affected
Red Hat Enterprise Linux OpenStack Platform 6 (Juno) Installer	foreman	Not affected
Red Hat Satellite 6	foreman	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

https://bugzilla.redhat.com/show_bug.cgi?id=1258700Foreman: previous password still allowed to log into foreman with Active Directory backend

EPSS

Процентиль: 72%

0.00711

Низкий

4.9 Medium

CVSS2

Связанные уязвимости

CVE-2015-5246

CVSS3: 8.1

nvd

больше 8 лет назад

The LDAP Authentication functionality in Foreman might allow remote attackers with knowledge of old passwords to gain access via vectors involving the password lifetime period in Active Directory.

CVE-2015-5246

CVSS3: 8.1

debian

больше 8 лет назад

The LDAP Authentication functionality in Foreman might allow remote at ...

GHSA-4468-gjjg-mh5q

CVSS3: 8.1

github

больше 3 лет назад

The LDAP Authentication functionality in Foreman might allow remote attackers with knowledge of old passwords to gain access via vectors involving the password lifetime period in Active Directory.

EPSS

Процентиль: 72%

0.00711

Низкий

4.9 Medium

CVSS2