Описание
389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), after the password for a LDAP user has been changed and before the server has been reset, allows remote attackers to read the plaintext password via the unhashed#user#password attribute.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.3.2.16-0ubuntu1 |
| esm-apps/xenial | not-affected | 1.3.2.16-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [1.3.2.16-0ubuntu1]] |
| hardy | DNE | |
| lucid | DNE | |
| natty | DNE | |
| oneiric | DNE | |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| quantal | ignored | end of life |
Показывать по
EPSS
1.2 Low
CVSS2
Связанные уязвимости
389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), after the password for a LDAP user has been changed and before the server has been reset, allows remote attackers to read the plaintext password via the unhashed#user#password attribute.
389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), after the password for a LDAP user has been changed and before the server has been reset, allows remote attackers to read the plaintext password via the unhashed#user#password attribute.
389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server bef ...
389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), after the password for a LDAP user has been changed and before the server has been reset, allows remote attackers to read the plaintext password via the unhashed#user#password attribute.
EPSS
1.2 Low
CVSS2