Denial of Service Vulnerability in 389-ds-base LDAP Server by Red Hat
CVE-2025-2487

4.9 MEDIUM

Summary

A flaw in the 389-ds-base LDAP Server allows a privileged user to trigger a Denial of Service condition. The vulnerability occurs during the Modify DN (MODDN) LDAP operation: a function's return value is not properly validated, which can lead to a NULL pointer dereference. Consequently, if a user executes a MODDN operation after an initial failure, the server may crash, impacting the availability of the service.

CVSS V3.1

Score: 4.9
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
