Denial of Service Vulnerability in Red Hat Directory Server by Red Hat
CVE-2010-2222

7.5HIGH

Key Information:

Vendor: Red Hat
Status: Red Hat Directory Server
Vendor: CVE Published:; 5 November 2019

What is CVE-2010-2222?

The _ger_parse_control function in Red Hat Directory Server 8 and the 389 Directory Server has a vulnerability that allows attackers to exploit a crafted search query, resulting in a denial of service through a NULL pointer dereference. This exploit can lead to system instability and potential downtime, therefore users are advised to apply patches and update their systems to safeguard against this issue.

Affected Version(s)

Red Hat Directory Server 8

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-2222

x_refsource_MISC

https://access.redhat.com/security/cve/cve-2010-2222

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 5, 2019
Vulnerability Reserved
Jun 9, 2010