5.1 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
45.0%
When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database.
bugzilla.redhat.com/show_bug.cgi?id=1905565
github.com/389ds/389-ds-base/commit/b6aae4d8e7c8a6ddd21646f94fef1bf7f22c3f32
github.com/389ds/389-ds-base/commit/cc0f69283abc082488824702dae485b8eae938bc
github.com/389ds/389-ds-base/issues/4480