Insufficient Fix for Server Crash Vulnerability in 389-ds-base
CVE-2024-8445
Currently unrated 🤨
Key Information
- Vendor
- Red Hat
- Status
- Red Hat Directory Server 11
- Red Hat Directory Server 12
- Red Hat Enterprise Linux 6
- Red Hat Enterprise Linux 7
- Vendor
- CVE Published:
- 5 September 2024
Summary
The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying `userPassword` using malformed input.
Timeline
Vulnerability Reserved.
Vulnerability published.
Collectors
NVD DatabaseMitre Database