Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes.
CVSS Information
N/A
Vulnerability Type
关键资源的不正确权限授予
Vulnerability Title
Red Hat 389 Directory Server deref插件资源管理错误漏洞
Vulnerability Description
Red Hat 389 Directory Server(前称Fedora Directory Server)是美国红帽(Red Hat)公司的一款企业级的Linux目录服务器。该服务器完全支持LDAPv3规范,具有可扩展、多主复制等特点。deref是其中的一个deref插件。 Red Hat 389 Directory Server中的deref插件存在安全漏洞。攻击者可利用该漏洞查看私有属性。
CVSS Information
N/A
Vulnerability Type
N/A