Lucene search

[email protected]NVD:CVE-2024-3657

HistoryMay 28, 2024 - 1:15 p.m.

CVE-2024-3657

2024-05-2813:15:11

CWE-20

[email protected]

web.nvd.nist.gov

389-ds-base

ldap query

denial of service

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

13.2%

JSON

A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service

References

access.redhat.com/errata/RHSA-2024:3591

access.redhat.com/errata/RHSA-2024:3837

access.redhat.com/errata/RHSA-2024:4092

access.redhat.com/errata/RHSA-2024:4209

access.redhat.com/errata/RHSA-2024:4210

access.redhat.com/errata/RHSA-2024:4235

access.redhat.com/security/cve/CVE-2024-3657

bugzilla.redhat.com/show_bug.cgi?id=2274401

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

13.2%

JSON

Related for NVD:CVE-2024-3657

redhatcve1 ubuntucve1 debiancve1 cve1 cvelist1 vulnrichment1 nessus13 almalinux2 osv3 oraclelinux3 redhat3 rocky1