The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying `userPassword` using malformed input.
Metrics
Affected Vendors & Products
References
History
Tue, 01 Oct 2024 05:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Els
|
|
CPEs | cpe:/o:redhat:rhel_els:7 | |
Vendors & Products |
Redhat rhel Els
|
|
References |
|
Thu, 05 Sep 2024 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 05 Sep 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | No description is available for this CVE. | The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying `userPassword` using malformed input. |
Title | 389-ds-base: server crash while modifying `userPassword` using malformed input (Incomplete fix for CVE-2024-2199) | 389-ds-base: server crash while modifying `userpassword` using malformed input (incomplete fix for cve-2024-2199) |
First Time appeared |
Redhat
Redhat directory Server Redhat enterprise Linux |
|
CPEs | cpe:/a:redhat:directory_server:11 cpe:/a:redhat:directory_server:12 cpe:/o:redhat:enterprise_linux:6 cpe:/o:redhat:enterprise_linux:7 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9 |
|
Vendors & Products |
Redhat
Redhat directory Server Redhat enterprise Linux |
|
References |
|
Thu, 05 Sep 2024 03:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | No description is available for this CVE. | |
Title | 389-ds-base: server crash while modifying `userPassword` using malformed input (Incomplete fix for CVE-2024-2199) | |
Weaknesses | CWE-20 | |
References |
| |
Metrics |
threat_severity
|
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2024-09-05T14:24:01.125Z
Updated: 2024-11-24T19:33:24.251Z
Reserved: 2024-09-05T00:28:32.318Z
Link: CVE-2024-8445
Vulnrichment
Updated: 2024-09-05T19:58:11.798Z
NVD
Status : Awaiting Analysis
Published: 2024-09-05T15:15:16.927
Modified: 2024-10-01T06:15:02.650
Link: CVE-2024-8445
Redhat