Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-3657 (GCVE-0-2024-3657)
Vulnerability from cvelistv5 – Published: 2024-05-28 12:53 – Updated: 2026-02-25 19:31
VLAI
EPSS
Title
389-ds-base: potential denial of service via specially crafted kerberos as-req request
Summary
A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service
Severity
7.5 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
13 references
Impacted products
13 products
| Vendor | Product | Version | |
|---|---|---|---|
| Red Hat | Red Hat Directory Server 11.5 E4S for RHEL 8 |
Unaffected:
8060020250210084424.0ca98e7e , < *
(rpm)
cpe:/a:redhat:directory_server_e4s:11.5::el8 |
|
| Red Hat | Red Hat Directory Server 11.7 for RHEL 8 |
Unaffected:
8080020240909040333.f969626e , < *
(rpm)
cpe:/a:redhat:directory_server:11.7::el8 |
|
| Red Hat | Red Hat Directory Server 11.8 for RHEL 8 |
Unaffected:
8090020240606122459.91529cd0 , < *
(rpm)
cpe:/a:redhat:directory_server:11.8::el8 |
|
| Red Hat | Red Hat Directory Server 11.9 for RHEL 8 |
Unaffected:
8100020240604161237.37ed7c03 , < *
(rpm)
cpe:/a:redhat:directory_server:11.9::el8 |
|
| Red Hat | Red Hat Directory Server 12.2 EUS for RHEL 9 |
Unaffected:
9020020240916150035.1674d574 , < *
(rpm)
cpe:/a:redhat:directory_server_eus:12.2::el9 |
|
| Red Hat | Red Hat Directory Server 12.4 for RHEL 9 |
Unaffected:
9040020240604143706.1674d574 , < *
(rpm)
cpe:/a:redhat:directory_server:12.4::el9 |
|
| Red Hat | Red Hat Enterprise Linux 7 |
Unaffected:
0:1.3.11.1-5.el7_9 , < *
(rpm)
cpe:/o:redhat:enterprise_linux:7::server cpe:/o:redhat:enterprise_linux:7::workstation cpe:/o:redhat:enterprise_linux:7::computenode cpe:/o:redhat:enterprise_linux:7::client |
|
| Red Hat | Red Hat Enterprise Linux 8 |
Unaffected:
8100020240613122040.25e700aa , < *
(rpm)
cpe:/a:redhat:enterprise_linux:8::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8.8 Extended Update Support |
Unaffected:
8080020240807050952.6dbb3803 , < *
(rpm)
cpe:/a:redhat:rhel_eus:8.8::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9 |
Unaffected:
0:2.4.5-8.el9_4 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb |
|
| Red Hat | Red Hat Enterprise Linux 9.2 Extended Update Support |
Unaffected:
0:2.2.4-9.el9_2 , < *
(rpm)
cpe:/a:redhat:rhel_eus:9.2::appstream |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 6 |
cpe:/o:redhat:enterprise_linux:6 |
Date Public
2024-05-28 00:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3657",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-05T20:48:33.613730Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-05T20:49:13.347Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:37:48.319Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2024:3591",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3591"
},
{
"name": "RHSA-2024:3837",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3837"
},
{
"name": "RHSA-2024:4092",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4092"
},
{
"name": "RHSA-2024:4209",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4209"
},
{
"name": "RHSA-2024:4210",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4210"
},
{
"name": "RHSA-2024:4235",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4235"
},
{
"name": "RHSA-2024:4633",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4633"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-3657"
},
{
"name": "RHBZ#2274401",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274401"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00015.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:directory_server_e4s:11.5::el8"
],
"defaultStatus": "affected",
"packageName": "redhat-ds:11",
"product": "Red Hat Directory Server 11.5 E4S for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8060020250210084424.0ca98e7e",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:directory_server:11.7::el8"
],
"defaultStatus": "affected",
"packageName": "redhat-ds:11",
"product": "Red Hat Directory Server 11.7 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8080020240909040333.f969626e",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:directory_server:11.8::el8"
],
"defaultStatus": "affected",
"packageName": "redhat-ds:11",
"product": "Red Hat Directory Server 11.8 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8090020240606122459.91529cd0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:directory_server:11.9::el8"
],
"defaultStatus": "affected",
"packageName": "redhat-ds:11",
"product": "Red Hat Directory Server 11.9 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8100020240604161237.37ed7c03",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:directory_server_eus:12.2::el9"
],
"defaultStatus": "affected",
"packageName": "redhat-ds:12",
"product": "Red Hat Directory Server 12.2 EUS for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "9020020240916150035.1674d574",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:directory_server:12.4::el9"
],
"defaultStatus": "affected",
"packageName": "redhat-ds:12",
"product": "Red Hat Directory Server 12.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "9040020240604143706.1674d574",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7::server",
"cpe:/o:redhat:enterprise_linux:7::workstation",
"cpe:/o:redhat:enterprise_linux:7::computenode",
"cpe:/o:redhat:enterprise_linux:7::client"
],
"defaultStatus": "affected",
"packageName": "389-ds-base",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.3.11.1-5.el7_9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream"
],
"defaultStatus": "affected",
"packageName": "389-ds:1.4",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8100020240613122040.25e700aa",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_eus:8.8::appstream"
],
"defaultStatus": "affected",
"packageName": "389-ds:1.4",
"product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8080020240807050952.6dbb3803",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream",
"cpe:/a:redhat:enterprise_linux:9::crb"
],
"defaultStatus": "affected",
"packageName": "389-ds-base",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.4.5-8.el9_4",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_eus:9.2::appstream"
],
"defaultStatus": "affected",
"packageName": "389-ds-base",
"product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.2.4-9.el9_2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "389-ds-base",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unknown",
"packageName": "389-ds-base",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
}
],
"datePublic": "2024-05-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service"
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-25T19:31:07.103Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2024:3591",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3591"
},
{
"name": "RHSA-2024:3837",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3837"
},
{
"name": "RHSA-2024:4092",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4092"
},
{
"name": "RHSA-2024:4209",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4209"
},
{
"name": "RHSA-2024:4210",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4210"
},
{
"name": "RHSA-2024:4235",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4235"
},
{
"name": "RHSA-2024:4633",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4633"
},
{
"name": "RHSA-2024:5690",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:5690"
},
{
"name": "RHSA-2024:6576",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:6576"
},
{
"name": "RHSA-2024:7458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:7458"
},
{
"name": "RHSA-2025:1632",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:1632"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-3657"
},
{
"name": "RHBZ#2274401",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274401"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-04-10T00:00:00.000Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-05-28T00:00:00.000Z",
"value": "Made public."
}
],
"title": "389-ds-base: potential denial of service via specially crafted kerberos as-req request",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_generator": {
"engine": "cvelib 1.8.0"
},
"x_redhatCweChain": "CWE-20: Improper Input Validation"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2024-3657",
"datePublished": "2024-05-28T12:53:03.399Z",
"dateReserved": "2024-04-11T14:21:25.571Z",
"dateUpdated": "2026-02-25T19:31:07.103Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-3657",
"date": "2026-05-26",
"epss": "0.00549",
"percentile": "0.681"
},
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service\"}, {\"lang\": \"es\", \"value\": \"Se encontr\\u00f3 una falla en 389-ds-base. Una consulta LDAP especialmente manipulada puede causar potencialmente una falla en el servidor de directorio, lo que lleva a una denegaci\\u00f3n de servicio.\"}]",
"id": "CVE-2024-3657",
"lastModified": "2024-11-21T09:30:07.047",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}]}",
"published": "2024-05-28T13:15:11.057",
"references": "[{\"url\": \"https://access.redhat.com/errata/RHSA-2024:3591\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:3837\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4092\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4209\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4210\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4235\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4633\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:5690\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:6576\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:7458\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2024-3657\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2274401\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:3591\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:3837\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4092\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4209\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4210\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4235\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4633\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2024-3657\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2274401\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": "[{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-3657\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2024-05-28T13:15:11.057\",\"lastModified\":\"2025-11-03T21:16:16.273\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 una falla en 389-ds-base. Una consulta LDAP especialmente manipulada puede causar potencialmente una falla en el servidor de directorio, lo que lleva a una denegaci\u00f3n de servicio.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2024:3591\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:3837\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4092\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4209\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4210\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4235\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4633\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:5690\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:6576\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:7458\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:1632\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2024-3657\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2274401\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:3591\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:3837\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4092\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4209\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4210\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4235\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:4633\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2024-3657\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2274401\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/01/msg00015.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2024:3591\", \"name\": \"RHSA-2024:3591\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:3837\", \"name\": \"RHSA-2024:3837\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4092\", \"name\": \"RHSA-2024:4092\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4209\", \"name\": \"RHSA-2024:4209\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4210\", \"name\": \"RHSA-2024:4210\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4235\", \"name\": \"RHSA-2024:4235\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4633\", \"name\": \"RHSA-2024:4633\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2024-3657\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2274401\", \"name\": \"RHBZ#2274401\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2025/01/msg00015.html\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-03T20:37:48.319Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-3657\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-06-05T20:48:33.613730Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-06-05T20:49:00.838Z\"}}], \"cna\": {\"title\": \"389-ds-base: potential denial of service via specially crafted kerberos as-req request\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"cpes\": [\"cpe:/a:redhat:directory_server_e4s:11.5::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Directory Server 11.5 E4S for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"8060020250210084424.0ca98e7e\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"redhat-ds:11\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:directory_server:11.7::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Directory Server 11.7 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"8080020240909040333.f969626e\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"redhat-ds:11\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:directory_server:11.8::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Directory Server 11.8 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"8090020240606122459.91529cd0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"redhat-ds:11\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:directory_server:11.9::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Directory Server 11.9 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"8100020240604161237.37ed7c03\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"redhat-ds:11\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:directory_server_eus:12.2::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Directory Server 12.2 EUS for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"9020020240916150035.1674d574\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"redhat-ds:12\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:directory_server:12.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Directory Server 12.4 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"9040020240604143706.1674d574\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"redhat-ds:12\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:7::server\", \"cpe:/o:redhat:enterprise_linux:7::workstation\", \"cpe:/o:redhat:enterprise_linux:7::computenode\", \"cpe:/o:redhat:enterprise_linux:7::client\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 7\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.3.11.1-5.el7_9\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"389-ds-base\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:8::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"8100020240613122040.25e700aa\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"389-ds:1.4\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:8.8::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.8 Extended Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"8080020240807050952.6dbb3803\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"389-ds:1.4\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::appstream\", \"cpe:/a:redhat:enterprise_linux:9::crb\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.4.5-8.el9_4\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"389-ds-base\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.2::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.2 Extended Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.2.4-9.el9_2\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"389-ds-base\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"packageName\": \"389-ds-base\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 6\", \"packageName\": \"389-ds-base\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unknown\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-04-10T00:00:00.000Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2024-05-28T00:00:00.000Z\", \"value\": \"Made public.\"}], \"datePublic\": \"2024-05-28T00:00:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2024:3591\", \"name\": \"RHSA-2024:3591\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:3837\", \"name\": \"RHSA-2024:3837\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4092\", \"name\": \"RHSA-2024:4092\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4209\", \"name\": \"RHSA-2024:4209\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4210\", \"name\": \"RHSA-2024:4210\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4235\", \"name\": \"RHSA-2024:4235\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:4633\", \"name\": \"RHSA-2024:4633\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:5690\", \"name\": \"RHSA-2024:5690\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:6576\", \"name\": \"RHSA-2024:6576\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:7458\", \"name\": \"RHSA-2024:7458\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:1632\", \"name\": \"RHSA-2025:1632\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2024-3657\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2274401\", \"name\": \"RHBZ#2274401\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.\"}], \"x_generator\": {\"engine\": \"cvelib 1.8.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"Improper Input Validation\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2026-02-25T19:31:07.103Z\"}, \"x_redhatCweChain\": \"CWE-20: Improper Input Validation\"}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-3657\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-02-25T19:31:07.103Z\", \"dateReserved\": \"2024-04-11T14:21:25.571Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2024-05-28T12:53:03.399Z\", \"assignerShortName\": \"redhat\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
alsa-2024:3837
Vulnerability from osv_almalinux
Published
2024-06-11 00:00
Modified
2024-06-14 06:41
Summary
Important: 389-ds-base security update
Details
389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.
Security Fix(es):
- 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request (CVE-2024-3657)
- 389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c (CVE-2024-2199)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "389-ds-base"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.4.5-8.el9_4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "389-ds-base-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.4.5-8.el9_4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "389-ds-base-libs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.4.5-8.el9_4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "python3-lib389"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.4.5-8.el9_4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base\npackages include the Lightweight Directory Access Protocol (LDAP) server and\ncommand-line utilities for server administration.\n\nSecurity Fix(es):\n\n* 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request (CVE-2024-3657)\n* 389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c (CVE-2024-2199)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"id": "ALSA-2024:3837",
"modified": "2024-06-14T06:41:16Z",
"published": "2024-06-11T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2024:3837"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-2199"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-3657"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2267976"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2274401"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/9/ALSA-2024-3837.html"
}
],
"related": [
"CVE-2024-3657",
"CVE-2024-2199"
],
"summary": "Important: 389-ds-base security update"
}
alsa-2024:4235
Vulnerability from osv_almalinux
Published
2024-07-02 00:00
Modified
2024-07-04 07:29
Summary
Important: 389-ds security update
Details
389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.
Security Fix(es):
- 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request (CVE-2024-3657)
- 389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c (CVE-2024-2199)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References
| URL | Type | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "389-ds-base"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.4.3.39-7.module_el8.10.0+3864+d8eec553"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "389-ds-base-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.4.3.39-7.module_el8.10.0+3864+d8eec553"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "389-ds-base-legacy-tools"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.4.3.39-7.module_el8.10.0+3864+d8eec553"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "389-ds-base-libs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.4.3.39-7.module_el8.10.0+3864+d8eec553"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "389-ds-base-snmp"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.4.3.39-7.module_el8.10.0+3864+d8eec553"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "python3-lib389"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.4.3.39-7.module_el8.10.0+3864+d8eec553"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. \n\nSecurity Fix(es):\n\n* 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request (CVE-2024-3657)\n* 389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c (CVE-2024-2199)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"id": "ALSA-2024:4235",
"modified": "2024-07-04T07:29:57Z",
"published": "2024-07-02T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2024:4235"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-2199"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2024-3657"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2267976"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2274401"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/8/ALSA-2024-4235.html"
}
],
"related": [
"CVE-2024-3657",
"CVE-2024-2199"
],
"summary": "Important: 389-ds security update"
}
BDU:2025-00952
Vulnerability from fstec - Published: 10.04.2024
VLAI
Title
Уязвимость сервера службы каталогов 389 Directory Server, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю вызвать отказ в обслуживании
Description
Уязвимость сервера службы каталогов 389 Directory Server связана с недостаточной проверкой вводимых данных. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать отказ в обслуживании с помощью специально созданного LDAP запроса
Severity
Vendor
Red Hat Inc., Сообщество свободного программного обеспечения, ООО «РусБИТех-Астра», Fedora Project
Software Name
Red Hat Enterprise Linux, Debian GNU/Linux, Astra Linux Special Edition (запись в едином реестре российских программ №369), 389 Directory Server, Red Hat Directory Server
Software Version
7 (Red Hat Enterprise Linux), 8 (Red Hat Enterprise Linux), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), 9 (Red Hat Enterprise Linux), 8.8 Extended Update Support (Red Hat Enterprise Linux), 9.2 Extended Update Support (Red Hat Enterprise Linux), 1.8 (Astra Linux Special Edition), до 2.4.6 (389 Directory Server), до 3.1.1 (389 Directory Server), 11.7 for RHEL 8 (Red Hat Directory Server), 11.8 for RHEL 8 (Red Hat Directory Server), 11.9 for RHEL 8 (Red Hat Directory Server), 12.2 EUS for RHEL 9 (Red Hat Directory Server), 12.4 for RHEL 9 (Red Hat Directory Server)
Possible Mitigations
Использование рекомендаций:
Для 389 Directory Server:
https://github.com/389ds/389-ds-base/commit/b1e9acf39d1e1b752e8b4b469f32e17c743ad6f9
Для Debian GNU/Linux:
https://security-tracker.debian.org/tracker/CVE-2024-3657
Для программных продуктов Red Hat Inc.:
https://access.redhat.com/security/cve/CVE-2024-3657
Для ОС Astra Linux:
обновить пакет 389-ds-base до 2.3.4+dfsg1-1.astra4 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0114SE18MD
Для ОС Astra Linux:
обновить пакет 389-ds-base до 2.3.2-1astra5 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2025-0319SE17
Для ОС Astra Linux:
обновить пакет 389-ds-base до 2.3.2-1astra5 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-0422SE47
Reference
https://github.com/389ds/389-ds-base/commit/b1e9acf39d1e1b752e8b4b469f32e17c743ad6f9
https://github.com/389ds/389-ds-base/commit/d8068fd7ef3c0c256b06ca47cfa0e1921d143778
https://nvd.nist.gov/vuln/detail/CVE-2024-3657
https://security-tracker.debian.org/tracker/CVE-2024-3657
https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0114SE18MD
https://access.redhat.com/security/cve/CVE-2024-3657
https://wiki.astralinux.ru/astra-linux-se17-bulletin-2025-0319SE17
https://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-0422SE47
CWE
CWE-20
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Red Hat Inc., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Fedora Project",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "7 (Red Hat Enterprise Linux), 8 (Red Hat Enterprise Linux), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), 9 (Red Hat Enterprise Linux), 8.8 Extended Update Support (Red Hat Enterprise Linux), 9.2 Extended Update Support (Red Hat Enterprise Linux), 1.8 (Astra Linux Special Edition), \u0434\u043e 2.4.6 (389 Directory Server), \u0434\u043e 3.1.1 (389 Directory Server), 11.7 for RHEL 8 (Red Hat Directory Server), 11.8 for RHEL 8 (Red Hat Directory Server), 11.9 for RHEL 8 (Red Hat Directory Server), 12.2 EUS for RHEL 9 (Red Hat Directory Server), 12.4 for RHEL 9 (Red Hat Directory Server)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f 389 Directory Server:\nhttps://github.com/389ds/389-ds-base/commit/b1e9acf39d1e1b752e8b4b469f32e17c743ad6f9\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2024-3657\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/CVE-2024-3657\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 389-ds-base \u0434\u043e 2.3.4+dfsg1-1.astra4 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0114SE18MD\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 389-ds-base \u0434\u043e 2.3.2-1astra5 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2025-0319SE17\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 389-ds-base \u0434\u043e 2.3.2-1astra5 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-0422SE47",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "10.04.2024",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "06.05.2025",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "03.02.2025",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-00952",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-3657",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Red Hat Enterprise Linux, Debian GNU/Linux, Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), 389 Directory Server, Red Hat Directory Server",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Red Hat Inc. Red Hat Enterprise Linux 7 , Red Hat Inc. Red Hat Enterprise Linux 8 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 12 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Red Hat Inc. Red Hat Enterprise Linux 9 , Red Hat Inc. Red Hat Enterprise Linux 8.8 Extended Update Support , Red Hat Inc. Red Hat Enterprise Linux 9.2 Extended Update Support , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.8 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Red Hat Inc. Red Hat Directory Server 11.7 for RHEL 8 , Red Hat Inc. Red Hat Directory Server 11.8 for RHEL 8 , Red Hat Inc. Red Hat Directory Server 11.9 for RHEL 8 , Red Hat Inc. Red Hat Directory Server 12.2 EUS for RHEL 9 , Red Hat Inc. Red Hat Directory Server 12.4 for RHEL 9 ",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0441\u043b\u0443\u0436\u0431\u044b \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u043e\u0432 389 Directory Server, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0441\u043b\u0443\u0436\u0431\u044b \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u043e\u0432 389 Directory Server \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e LDAP \u0437\u0430\u043f\u0440\u043e\u0441\u0430",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://github.com/389ds/389-ds-base/commit/b1e9acf39d1e1b752e8b4b469f32e17c743ad6f9\nhttps://github.com/389ds/389-ds-base/commit/d8068fd7ef3c0c256b06ca47cfa0e1921d143778\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-3657\nhttps://security-tracker.debian.org/tracker/CVE-2024-3657\nhttps://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0114SE18MD\nhttps://access.redhat.com/security/cve/CVE-2024-3657\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2025-0319SE17\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-0422SE47",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0437\u0430\u0449\u0438\u0442\u044b",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)"
}
FKIE_CVE-2024-3657
Vulnerability from fkie_nvd - Published: 2024-05-28 13:15 - Updated: 2026-04-15 00:35
Severity
Summary
A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2024:3591 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2024:3837 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2024:4092 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2024:4209 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2024:4210 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2024:4235 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2024:4633 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2024:5690 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2024:6576 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2024:7458 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:1632 | ||
| secalert@redhat.com | https://access.redhat.com/security/cve/CVE-2024-3657 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2274401 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2024:3591 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2024:3837 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2024:4092 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2024:4209 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2024:4210 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2024:4235 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2024:4633 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/CVE-2024-3657 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=2274401 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2025/01/msg00015.html |
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service"
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla en 389-ds-base. Una consulta LDAP especialmente manipulada puede causar potencialmente una falla en el servidor de directorio, lo que lleva a una denegaci\u00f3n de servicio."
}
],
"id": "CVE-2024-3657",
"lastModified": "2026-04-15T00:35:42.020",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "secalert@redhat.com",
"type": "Secondary"
}
]
},
"published": "2024-05-28T13:15:11.057",
"references": [
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2024:3591"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2024:3837"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2024:4092"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2024:4209"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2024:4210"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2024:4235"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2024:4633"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2024:5690"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2024:6576"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2024:7458"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:1632"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/security/cve/CVE-2024-3657"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274401"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2024:3591"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2024:3837"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2024:4092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2024:4209"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2024:4210"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2024:4235"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2024:4633"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/security/cve/CVE-2024-3657"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274401"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00015.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
}
]
}
GSD-2024-3657
Vulnerability from gsd - Updated: 2024-04-12 05:02Details
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Aliases
{
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2024-3657"
],
"id": "GSD-2024-3657",
"modified": "2024-04-12T05:02:29.175242Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2024-3657",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
}
}
OPENSUSE-SU-2024:14227-1
Vulnerability from csaf_opensuse - Published: 2024-07-31 00:00 - Updated: 2024-07-31 00:00Summary
389-ds-3.1.1~git0.aef1668-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: 389-ds-3.1.1~git0.aef1668-1.1 on GA media
Description of the patch: These are all security issues fixed in the 389-ds-3.1.1~git0.aef1668-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-14227
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.5 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
14 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://www.suse.com/security/cve/CVE-2024-2199/ | self |
| https://www.suse.com/security/cve/CVE-2024-3657/ | self |
| https://www.suse.com/security/cve/CVE-2024-5953/ | self |
| https://www.suse.com/security/cve/CVE-2024-6237/ | self |
| https://www.suse.com/security/cve/CVE-2024-2199 | external |
| https://bugzilla.suse.com/1225507 | external |
| https://www.suse.com/security/cve/CVE-2024-3657 | external |
| https://bugzilla.suse.com/1225512 | external |
| https://www.suse.com/security/cve/CVE-2024-5953 | external |
| https://bugzilla.suse.com/1226277 | external |
| https://www.suse.com/security/cve/CVE-2024-6237 | external |
| https://bugzilla.suse.com/1227610 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "389-ds-3.1.1~git0.aef1668-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the 389-ds-3.1.1~git0.aef1668-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-14227",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14227-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-2199 page",
"url": "https://www.suse.com/security/cve/CVE-2024-2199/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-3657 page",
"url": "https://www.suse.com/security/cve/CVE-2024-3657/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-5953 page",
"url": "https://www.suse.com/security/cve/CVE-2024-5953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6237 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6237/"
}
],
"title": "389-ds-3.1.1~git0.aef1668-1.1 on GA media",
"tracking": {
"current_release_date": "2024-07-31T00:00:00Z",
"generator": {
"date": "2024-07-31T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:14227-1",
"initial_release_date": "2024-07-31T00:00:00Z",
"revision_history": [
{
"date": "2024-07-31T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "389-ds-3.1.1~git0.aef1668-1.1.aarch64",
"product": {
"name": "389-ds-3.1.1~git0.aef1668-1.1.aarch64",
"product_id": "389-ds-3.1.1~git0.aef1668-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "389-ds-devel-3.1.1~git0.aef1668-1.1.aarch64",
"product": {
"name": "389-ds-devel-3.1.1~git0.aef1668-1.1.aarch64",
"product_id": "389-ds-devel-3.1.1~git0.aef1668-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "389-ds-snmp-3.1.1~git0.aef1668-1.1.aarch64",
"product": {
"name": "389-ds-snmp-3.1.1~git0.aef1668-1.1.aarch64",
"product_id": "389-ds-snmp-3.1.1~git0.aef1668-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "lib389-3.1.1~git0.aef1668-1.1.aarch64",
"product": {
"name": "lib389-3.1.1~git0.aef1668-1.1.aarch64",
"product_id": "lib389-3.1.1~git0.aef1668-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libsvrcore0-3.1.1~git0.aef1668-1.1.aarch64",
"product": {
"name": "libsvrcore0-3.1.1~git0.aef1668-1.1.aarch64",
"product_id": "libsvrcore0-3.1.1~git0.aef1668-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "389-ds-3.1.1~git0.aef1668-1.1.ppc64le",
"product": {
"name": "389-ds-3.1.1~git0.aef1668-1.1.ppc64le",
"product_id": "389-ds-3.1.1~git0.aef1668-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "389-ds-devel-3.1.1~git0.aef1668-1.1.ppc64le",
"product": {
"name": "389-ds-devel-3.1.1~git0.aef1668-1.1.ppc64le",
"product_id": "389-ds-devel-3.1.1~git0.aef1668-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "389-ds-snmp-3.1.1~git0.aef1668-1.1.ppc64le",
"product": {
"name": "389-ds-snmp-3.1.1~git0.aef1668-1.1.ppc64le",
"product_id": "389-ds-snmp-3.1.1~git0.aef1668-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "lib389-3.1.1~git0.aef1668-1.1.ppc64le",
"product": {
"name": "lib389-3.1.1~git0.aef1668-1.1.ppc64le",
"product_id": "lib389-3.1.1~git0.aef1668-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libsvrcore0-3.1.1~git0.aef1668-1.1.ppc64le",
"product": {
"name": "libsvrcore0-3.1.1~git0.aef1668-1.1.ppc64le",
"product_id": "libsvrcore0-3.1.1~git0.aef1668-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "389-ds-3.1.1~git0.aef1668-1.1.s390x",
"product": {
"name": "389-ds-3.1.1~git0.aef1668-1.1.s390x",
"product_id": "389-ds-3.1.1~git0.aef1668-1.1.s390x"
}
},
{
"category": "product_version",
"name": "389-ds-devel-3.1.1~git0.aef1668-1.1.s390x",
"product": {
"name": "389-ds-devel-3.1.1~git0.aef1668-1.1.s390x",
"product_id": "389-ds-devel-3.1.1~git0.aef1668-1.1.s390x"
}
},
{
"category": "product_version",
"name": "389-ds-snmp-3.1.1~git0.aef1668-1.1.s390x",
"product": {
"name": "389-ds-snmp-3.1.1~git0.aef1668-1.1.s390x",
"product_id": "389-ds-snmp-3.1.1~git0.aef1668-1.1.s390x"
}
},
{
"category": "product_version",
"name": "lib389-3.1.1~git0.aef1668-1.1.s390x",
"product": {
"name": "lib389-3.1.1~git0.aef1668-1.1.s390x",
"product_id": "lib389-3.1.1~git0.aef1668-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libsvrcore0-3.1.1~git0.aef1668-1.1.s390x",
"product": {
"name": "libsvrcore0-3.1.1~git0.aef1668-1.1.s390x",
"product_id": "libsvrcore0-3.1.1~git0.aef1668-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "389-ds-3.1.1~git0.aef1668-1.1.x86_64",
"product": {
"name": "389-ds-3.1.1~git0.aef1668-1.1.x86_64",
"product_id": "389-ds-3.1.1~git0.aef1668-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "389-ds-devel-3.1.1~git0.aef1668-1.1.x86_64",
"product": {
"name": "389-ds-devel-3.1.1~git0.aef1668-1.1.x86_64",
"product_id": "389-ds-devel-3.1.1~git0.aef1668-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "389-ds-snmp-3.1.1~git0.aef1668-1.1.x86_64",
"product": {
"name": "389-ds-snmp-3.1.1~git0.aef1668-1.1.x86_64",
"product_id": "389-ds-snmp-3.1.1~git0.aef1668-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "lib389-3.1.1~git0.aef1668-1.1.x86_64",
"product": {
"name": "lib389-3.1.1~git0.aef1668-1.1.x86_64",
"product_id": "lib389-3.1.1~git0.aef1668-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libsvrcore0-3.1.1~git0.aef1668-1.1.x86_64",
"product": {
"name": "libsvrcore0-3.1.1~git0.aef1668-1.1.x86_64",
"product_id": "libsvrcore0-3.1.1~git0.aef1668-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-3.1.1~git0.aef1668-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.aarch64"
},
"product_reference": "389-ds-3.1.1~git0.aef1668-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-3.1.1~git0.aef1668-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.ppc64le"
},
"product_reference": "389-ds-3.1.1~git0.aef1668-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-3.1.1~git0.aef1668-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.s390x"
},
"product_reference": "389-ds-3.1.1~git0.aef1668-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-3.1.1~git0.aef1668-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.x86_64"
},
"product_reference": "389-ds-3.1.1~git0.aef1668-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-devel-3.1.1~git0.aef1668-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.aarch64"
},
"product_reference": "389-ds-devel-3.1.1~git0.aef1668-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-devel-3.1.1~git0.aef1668-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.ppc64le"
},
"product_reference": "389-ds-devel-3.1.1~git0.aef1668-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-devel-3.1.1~git0.aef1668-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.s390x"
},
"product_reference": "389-ds-devel-3.1.1~git0.aef1668-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-devel-3.1.1~git0.aef1668-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.x86_64"
},
"product_reference": "389-ds-devel-3.1.1~git0.aef1668-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-snmp-3.1.1~git0.aef1668-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.aarch64"
},
"product_reference": "389-ds-snmp-3.1.1~git0.aef1668-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-snmp-3.1.1~git0.aef1668-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.ppc64le"
},
"product_reference": "389-ds-snmp-3.1.1~git0.aef1668-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-snmp-3.1.1~git0.aef1668-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.s390x"
},
"product_reference": "389-ds-snmp-3.1.1~git0.aef1668-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-snmp-3.1.1~git0.aef1668-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.x86_64"
},
"product_reference": "389-ds-snmp-3.1.1~git0.aef1668-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lib389-3.1.1~git0.aef1668-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.aarch64"
},
"product_reference": "lib389-3.1.1~git0.aef1668-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lib389-3.1.1~git0.aef1668-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.ppc64le"
},
"product_reference": "lib389-3.1.1~git0.aef1668-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lib389-3.1.1~git0.aef1668-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.s390x"
},
"product_reference": "lib389-3.1.1~git0.aef1668-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lib389-3.1.1~git0.aef1668-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.x86_64"
},
"product_reference": "lib389-3.1.1~git0.aef1668-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsvrcore0-3.1.1~git0.aef1668-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.aarch64"
},
"product_reference": "libsvrcore0-3.1.1~git0.aef1668-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsvrcore0-3.1.1~git0.aef1668-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.ppc64le"
},
"product_reference": "libsvrcore0-3.1.1~git0.aef1668-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsvrcore0-3.1.1~git0.aef1668-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.s390x"
},
"product_reference": "libsvrcore0-3.1.1~git0.aef1668-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsvrcore0-3.1.1~git0.aef1668-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.x86_64"
},
"product_reference": "libsvrcore0-3.1.1~git0.aef1668-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-2199",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-2199"
}
],
"notes": [
{
"category": "general",
"text": "A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying `userPassword` using malformed input.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-2199",
"url": "https://www.suse.com/security/cve/CVE-2024-2199"
},
{
"category": "external",
"summary": "SUSE Bug 1225507 for CVE-2024-2199",
"url": "https://bugzilla.suse.com/1225507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-31T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-2199"
},
{
"cve": "CVE-2024-3657",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-3657"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-3657",
"url": "https://www.suse.com/security/cve/CVE-2024-3657"
},
{
"category": "external",
"summary": "SUSE Bug 1225512 for CVE-2024-3657",
"url": "https://bugzilla.suse.com/1225512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-31T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-3657"
},
{
"cve": "CVE-2024-5953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-5953"
}
],
"notes": [
{
"category": "general",
"text": "A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with a malformed hash in their password.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-5953",
"url": "https://www.suse.com/security/cve/CVE-2024-5953"
},
{
"category": "external",
"summary": "SUSE Bug 1226277 for CVE-2024-5953",
"url": "https://bugzilla.suse.com/1226277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-31T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-5953"
},
{
"cve": "CVE-2024-6237",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6237"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the 389 Directory Server. This flaw allows an unauthenticated user to cause a systematic server crash while sending a specific extended search request, leading to a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6237",
"url": "https://www.suse.com/security/cve/CVE-2024-6237"
},
{
"category": "external",
"summary": "SUSE Bug 1227610 for CVE-2024-6237",
"url": "https://bugzilla.suse.com/1227610"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-devel-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:389-ds-snmp-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:lib389-3.1.1~git0.aef1668-1.1.x86_64",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.aarch64",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.ppc64le",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.s390x",
"openSUSE Tumbleweed:libsvrcore0-3.1.1~git0.aef1668-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-31T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-6237"
}
]
}
RHSA-2024:3591
Vulnerability from csaf_redhat - Published: 2024-06-04 14:31 - Updated: 2026-03-18 02:39Summary
Red Hat Security Advisory: 389-ds-base security update
Severity
Important
Notes
Topic: An update for 389-ds-base is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: 389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.
Security Fix(es):
* 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request (CVE-2024-3657)
* 389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c (CVE-2024-2199)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying `userPassword` using malformed input.
5.7 (Medium)
Affected products
Fixed
126 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service
7.5 (High)
Affected products
Fixed
126 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
13 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2024:3591 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2267976 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2274401 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2024-2199 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2267976 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-2199 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-2199 | external |
| https://access.redhat.com/security/cve/CVE-2024-3657 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2274401 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-3657 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-3657 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for 389-ds-base is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.\n\nSecurity Fix(es):\n\n* 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request (CVE-2024-3657)\n\n* 389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c (CVE-2024-2199)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:3591",
"url": "https://access.redhat.com/errata/RHSA-2024:3591"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2267976",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267976"
},
{
"category": "external",
"summary": "2274401",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274401"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_3591.json"
}
],
"title": "Red Hat Security Advisory: 389-ds-base security update",
"tracking": {
"current_release_date": "2026-03-18T02:39:45+00:00",
"generator": {
"date": "2026-03-18T02:39:45+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2024:3591",
"initial_release_date": "2024-06-04T14:31:19+00:00",
"revision_history": [
{
"date": "2024-06-04T14:31:19+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-06-04T14:31:19+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-18T02:39:45+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "389-ds-base-0:1.3.11.1-5.el7_9.src",
"product": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.src",
"product_id": "389-ds-base-0:1.3.11.1-5.el7_9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base@1.3.11.1-5.el7_9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"product": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"product_id": "389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base@1.3.11.1-5.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"product": {
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"product_id": "389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-devel@1.3.11.1-5.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"product": {
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"product_id": "389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-libs@1.3.11.1-5.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"product": {
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"product_id": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-snmp@1.3.11.1-5.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"product": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"product_id": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-debuginfo@1.3.11.1-5.el7_9?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"product": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"product_id": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base@1.3.11.1-5.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"product": {
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"product_id": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-libs@1.3.11.1-5.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"product": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"product_id": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-debuginfo@1.3.11.1-5.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"product": {
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"product_id": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-devel@1.3.11.1-5.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"product": {
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"product_id": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-snmp@1.3.11.1-5.el7_9?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"product": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"product_id": "389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base@1.3.11.1-5.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"product": {
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"product_id": "389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-devel@1.3.11.1-5.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"product": {
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"product_id": "389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-libs@1.3.11.1-5.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"product": {
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"product_id": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-snmp@1.3.11.1-5.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"product": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"product_id": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-debuginfo@1.3.11.1-5.el7_9?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"product": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"product_id": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base@1.3.11.1-5.el7_9?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"product": {
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"product_id": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-devel@1.3.11.1-5.el7_9?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"product": {
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"product_id": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-libs@1.3.11.1-5.el7_9?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"product": {
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"product_id": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-snmp@1.3.11.1-5.el7_9?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"product": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"product_id": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-debuginfo@1.3.11.1-5.el7_9?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.src",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.src",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.src",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.src",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.src",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.src",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-2199",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2267976"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying `userPassword` using malformed input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "LDAP servers are not usually exposed to the open internet, requiring adjacent connectivity for a successful attack. This issue also requires a compromised user account to perform the attack. Therefore, this flaw is rated as a Moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-2199"
},
{
"category": "external",
"summary": "RHBZ#2267976",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267976"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-2199",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2199"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-2199",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2199"
}
],
"release_date": "2024-05-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-06-04T14:31:19+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the 389 server service will be restarted automatically.",
"product_ids": [
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:3591"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c"
},
{
"cve": "CVE-2024-3657",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-04-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2274401"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is categorized as an important severity issue rather than a critical one because, while it can cause a denial of service by stopping the directory service, it does not allow for remote code execution, privilege escalation, or data exfiltration. The impact is limited to service disruption, which can be mitigated by monitoring and automatic service restarts. Additionally, exploiting this vulnerability requires specific crafted packets, indicating that an attacker would need a certain level of knowledge and access to execute the attack, reducing the likelihood of widespread exploitation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-3657"
},
{
"category": "external",
"summary": "RHBZ#2274401",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274401"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-3657",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3657"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-3657",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3657"
}
],
"release_date": "2024-05-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-06-04T14:31:19+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the 389 server service will be restarted automatically.",
"product_ids": [
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:3591"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Client-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Client-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7ComputeNode-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7ComputeNode-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Server-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Server-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Server-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Server-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Workstation-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.src",
"7Workstation-optional-7.9.Z:389-ds-base-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-debuginfo-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-devel-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-libs-0:1.3.11.1-5.el7_9.x86_64",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.s390x",
"7Workstation-optional-7.9.Z:389-ds-base-snmp-0:1.3.11.1-5.el7_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request"
}
]
}
RHSA-2024:3837
Vulnerability from csaf_redhat - Published: 2024-06-11 19:53 - Updated: 2026-03-18 02:39Summary
Red Hat Security Advisory: 389-ds-base security update
Severity
Important
Notes
Topic: An update for 389-ds-base is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: 389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base
packages include the Lightweight Directory Access Protocol (LDAP) server and
command-line utilities for server administration.
Security Fix(es):
* 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request (CVE-2024-3657)
* 389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c (CVE-2024-2199)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying `userPassword` using malformed input.
5.7 (Medium)
Affected products
Fixed
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:python3-lib389-0:2.4.5-8.el9_4.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:python3-lib389-0:2.4.5-8.el9_4.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service
7.5 (High)
Affected products
Fixed
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.4.0.Z.MAIN.EUS:python3-lib389-0:2.4.5-8.el9_4.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-9.4.0.Z.MAIN.EUS:python3-lib389-0:2.4.5-8.el9_4.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
13 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2024:3837 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2267976 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2274401 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2024-2199 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2267976 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-2199 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-2199 | external |
| https://access.redhat.com/security/cve/CVE-2024-3657 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2274401 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-3657 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-3657 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for 389-ds-base is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of\nImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base\npackages include the Lightweight Directory Access Protocol (LDAP) server and\ncommand-line utilities for server administration.\n\nSecurity Fix(es):\n\n* 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request (CVE-2024-3657)\n\n* 389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c (CVE-2024-2199)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:3837",
"url": "https://access.redhat.com/errata/RHSA-2024:3837"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2267976",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267976"
},
{
"category": "external",
"summary": "2274401",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274401"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_3837.json"
}
],
"title": "Red Hat Security Advisory: 389-ds-base security update",
"tracking": {
"current_release_date": "2026-03-18T02:39:49+00:00",
"generator": {
"date": "2026-03-18T02:39:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2024:3837",
"initial_release_date": "2024-06-11T19:53:52+00:00",
"revision_history": [
{
"date": "2024-06-11T19:53:52+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-06-11T19:53:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-18T02:39:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux CRB (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::crb"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "389-ds-base-0:2.4.5-8.el9_4.src",
"product": {
"name": "389-ds-base-0:2.4.5-8.el9_4.src",
"product_id": "389-ds-base-0:2.4.5-8.el9_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base@2.4.5-8.el9_4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "389-ds-base-0:2.4.5-8.el9_4.aarch64",
"product": {
"name": "389-ds-base-0:2.4.5-8.el9_4.aarch64",
"product_id": "389-ds-base-0:2.4.5-8.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base@2.4.5-8.el9_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-libs-0:2.4.5-8.el9_4.aarch64",
"product": {
"name": "389-ds-base-libs-0:2.4.5-8.el9_4.aarch64",
"product_id": "389-ds-base-libs-0:2.4.5-8.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-libs@2.4.5-8.el9_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-debugsource-0:2.4.5-8.el9_4.aarch64",
"product": {
"name": "389-ds-base-debugsource-0:2.4.5-8.el9_4.aarch64",
"product_id": "389-ds-base-debugsource-0:2.4.5-8.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-debugsource@2.4.5-8.el9_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-debuginfo-0:2.4.5-8.el9_4.aarch64",
"product": {
"name": "389-ds-base-debuginfo-0:2.4.5-8.el9_4.aarch64",
"product_id": "389-ds-base-debuginfo-0:2.4.5-8.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-debuginfo@2.4.5-8.el9_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.aarch64",
"product": {
"name": "389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.aarch64",
"product_id": "389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-libs-debuginfo@2.4.5-8.el9_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.aarch64",
"product": {
"name": "389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.aarch64",
"product_id": "389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-snmp-debuginfo@2.4.5-8.el9_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-devel-0:2.4.5-8.el9_4.aarch64",
"product": {
"name": "389-ds-base-devel-0:2.4.5-8.el9_4.aarch64",
"product_id": "389-ds-base-devel-0:2.4.5-8.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-devel@2.4.5-8.el9_4?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "389-ds-base-0:2.4.5-8.el9_4.ppc64le",
"product": {
"name": "389-ds-base-0:2.4.5-8.el9_4.ppc64le",
"product_id": "389-ds-base-0:2.4.5-8.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base@2.4.5-8.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-libs-0:2.4.5-8.el9_4.ppc64le",
"product": {
"name": "389-ds-base-libs-0:2.4.5-8.el9_4.ppc64le",
"product_id": "389-ds-base-libs-0:2.4.5-8.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-libs@2.4.5-8.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-debugsource-0:2.4.5-8.el9_4.ppc64le",
"product": {
"name": "389-ds-base-debugsource-0:2.4.5-8.el9_4.ppc64le",
"product_id": "389-ds-base-debugsource-0:2.4.5-8.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-debugsource@2.4.5-8.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"product": {
"name": "389-ds-base-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"product_id": "389-ds-base-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-debuginfo@2.4.5-8.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"product": {
"name": "389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"product_id": "389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-libs-debuginfo@2.4.5-8.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"product": {
"name": "389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"product_id": "389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-snmp-debuginfo@2.4.5-8.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-devel-0:2.4.5-8.el9_4.ppc64le",
"product": {
"name": "389-ds-base-devel-0:2.4.5-8.el9_4.ppc64le",
"product_id": "389-ds-base-devel-0:2.4.5-8.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-devel@2.4.5-8.el9_4?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "389-ds-base-0:2.4.5-8.el9_4.x86_64",
"product": {
"name": "389-ds-base-0:2.4.5-8.el9_4.x86_64",
"product_id": "389-ds-base-0:2.4.5-8.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base@2.4.5-8.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-libs-0:2.4.5-8.el9_4.x86_64",
"product": {
"name": "389-ds-base-libs-0:2.4.5-8.el9_4.x86_64",
"product_id": "389-ds-base-libs-0:2.4.5-8.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-libs@2.4.5-8.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-debugsource-0:2.4.5-8.el9_4.x86_64",
"product": {
"name": "389-ds-base-debugsource-0:2.4.5-8.el9_4.x86_64",
"product_id": "389-ds-base-debugsource-0:2.4.5-8.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-debugsource@2.4.5-8.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-debuginfo-0:2.4.5-8.el9_4.x86_64",
"product": {
"name": "389-ds-base-debuginfo-0:2.4.5-8.el9_4.x86_64",
"product_id": "389-ds-base-debuginfo-0:2.4.5-8.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-debuginfo@2.4.5-8.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.x86_64",
"product": {
"name": "389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.x86_64",
"product_id": "389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-libs-debuginfo@2.4.5-8.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.x86_64",
"product": {
"name": "389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.x86_64",
"product_id": "389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-snmp-debuginfo@2.4.5-8.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-devel-0:2.4.5-8.el9_4.x86_64",
"product": {
"name": "389-ds-base-devel-0:2.4.5-8.el9_4.x86_64",
"product_id": "389-ds-base-devel-0:2.4.5-8.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-devel@2.4.5-8.el9_4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "389-ds-base-0:2.4.5-8.el9_4.s390x",
"product": {
"name": "389-ds-base-0:2.4.5-8.el9_4.s390x",
"product_id": "389-ds-base-0:2.4.5-8.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base@2.4.5-8.el9_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-libs-0:2.4.5-8.el9_4.s390x",
"product": {
"name": "389-ds-base-libs-0:2.4.5-8.el9_4.s390x",
"product_id": "389-ds-base-libs-0:2.4.5-8.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-libs@2.4.5-8.el9_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-debugsource-0:2.4.5-8.el9_4.s390x",
"product": {
"name": "389-ds-base-debugsource-0:2.4.5-8.el9_4.s390x",
"product_id": "389-ds-base-debugsource-0:2.4.5-8.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-debugsource@2.4.5-8.el9_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-debuginfo-0:2.4.5-8.el9_4.s390x",
"product": {
"name": "389-ds-base-debuginfo-0:2.4.5-8.el9_4.s390x",
"product_id": "389-ds-base-debuginfo-0:2.4.5-8.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-debuginfo@2.4.5-8.el9_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.s390x",
"product": {
"name": "389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.s390x",
"product_id": "389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-libs-debuginfo@2.4.5-8.el9_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.s390x",
"product": {
"name": "389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.s390x",
"product_id": "389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-snmp-debuginfo@2.4.5-8.el9_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-devel-0:2.4.5-8.el9_4.s390x",
"product": {
"name": "389-ds-base-devel-0:2.4.5-8.el9_4.s390x",
"product_id": "389-ds-base-devel-0:2.4.5-8.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-devel@2.4.5-8.el9_4?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-lib389-0:2.4.5-8.el9_4.noarch",
"product": {
"name": "python3-lib389-0:2.4.5-8.el9_4.noarch",
"product_id": "python3-lib389-0:2.4.5-8.el9_4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-lib389@2.4.5-8.el9_4?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:2.4.5-8.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.aarch64"
},
"product_reference": "389-ds-base-0:2.4.5-8.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:2.4.5-8.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.ppc64le"
},
"product_reference": "389-ds-base-0:2.4.5-8.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:2.4.5-8.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.s390x"
},
"product_reference": "389-ds-base-0:2.4.5-8.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:2.4.5-8.el9_4.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.src"
},
"product_reference": "389-ds-base-0:2.4.5-8.el9_4.src",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:2.4.5-8.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.x86_64"
},
"product_reference": "389-ds-base-0:2.4.5-8.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:2.4.5-8.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.aarch64"
},
"product_reference": "389-ds-base-debuginfo-0:2.4.5-8.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:2.4.5-8.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.ppc64le"
},
"product_reference": "389-ds-base-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:2.4.5-8.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.s390x"
},
"product_reference": "389-ds-base-debuginfo-0:2.4.5-8.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:2.4.5-8.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.x86_64"
},
"product_reference": "389-ds-base-debuginfo-0:2.4.5-8.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debugsource-0:2.4.5-8.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.aarch64"
},
"product_reference": "389-ds-base-debugsource-0:2.4.5-8.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debugsource-0:2.4.5-8.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.ppc64le"
},
"product_reference": "389-ds-base-debugsource-0:2.4.5-8.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debugsource-0:2.4.5-8.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.s390x"
},
"product_reference": "389-ds-base-debugsource-0:2.4.5-8.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debugsource-0:2.4.5-8.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.x86_64"
},
"product_reference": "389-ds-base-debugsource-0:2.4.5-8.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:2.4.5-8.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.aarch64"
},
"product_reference": "389-ds-base-devel-0:2.4.5-8.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:2.4.5-8.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.ppc64le"
},
"product_reference": "389-ds-base-devel-0:2.4.5-8.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:2.4.5-8.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.s390x"
},
"product_reference": "389-ds-base-devel-0:2.4.5-8.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:2.4.5-8.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.x86_64"
},
"product_reference": "389-ds-base-devel-0:2.4.5-8.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:2.4.5-8.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.aarch64"
},
"product_reference": "389-ds-base-libs-0:2.4.5-8.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:2.4.5-8.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.ppc64le"
},
"product_reference": "389-ds-base-libs-0:2.4.5-8.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:2.4.5-8.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.s390x"
},
"product_reference": "389-ds-base-libs-0:2.4.5-8.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:2.4.5-8.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.x86_64"
},
"product_reference": "389-ds-base-libs-0:2.4.5-8.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.aarch64"
},
"product_reference": "389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.ppc64le"
},
"product_reference": "389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.s390x"
},
"product_reference": "389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.x86_64"
},
"product_reference": "389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.aarch64"
},
"product_reference": "389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.ppc64le"
},
"product_reference": "389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.s390x"
},
"product_reference": "389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.x86_64"
},
"product_reference": "389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-lib389-0:2.4.5-8.el9_4.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.4.0.Z.MAIN.EUS:python3-lib389-0:2.4.5-8.el9_4.noarch"
},
"product_reference": "python3-lib389-0:2.4.5-8.el9_4.noarch",
"relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:2.4.5-8.el9_4.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.aarch64"
},
"product_reference": "389-ds-base-0:2.4.5-8.el9_4.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:2.4.5-8.el9_4.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.ppc64le"
},
"product_reference": "389-ds-base-0:2.4.5-8.el9_4.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:2.4.5-8.el9_4.s390x as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.s390x"
},
"product_reference": "389-ds-base-0:2.4.5-8.el9_4.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:2.4.5-8.el9_4.src as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.src"
},
"product_reference": "389-ds-base-0:2.4.5-8.el9_4.src",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:2.4.5-8.el9_4.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.x86_64"
},
"product_reference": "389-ds-base-0:2.4.5-8.el9_4.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:2.4.5-8.el9_4.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.aarch64"
},
"product_reference": "389-ds-base-debuginfo-0:2.4.5-8.el9_4.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:2.4.5-8.el9_4.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.ppc64le"
},
"product_reference": "389-ds-base-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:2.4.5-8.el9_4.s390x as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.s390x"
},
"product_reference": "389-ds-base-debuginfo-0:2.4.5-8.el9_4.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:2.4.5-8.el9_4.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.x86_64"
},
"product_reference": "389-ds-base-debuginfo-0:2.4.5-8.el9_4.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debugsource-0:2.4.5-8.el9_4.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.aarch64"
},
"product_reference": "389-ds-base-debugsource-0:2.4.5-8.el9_4.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debugsource-0:2.4.5-8.el9_4.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.ppc64le"
},
"product_reference": "389-ds-base-debugsource-0:2.4.5-8.el9_4.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debugsource-0:2.4.5-8.el9_4.s390x as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.s390x"
},
"product_reference": "389-ds-base-debugsource-0:2.4.5-8.el9_4.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debugsource-0:2.4.5-8.el9_4.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.x86_64"
},
"product_reference": "389-ds-base-debugsource-0:2.4.5-8.el9_4.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:2.4.5-8.el9_4.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.aarch64"
},
"product_reference": "389-ds-base-devel-0:2.4.5-8.el9_4.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:2.4.5-8.el9_4.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.ppc64le"
},
"product_reference": "389-ds-base-devel-0:2.4.5-8.el9_4.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:2.4.5-8.el9_4.s390x as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.s390x"
},
"product_reference": "389-ds-base-devel-0:2.4.5-8.el9_4.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:2.4.5-8.el9_4.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.x86_64"
},
"product_reference": "389-ds-base-devel-0:2.4.5-8.el9_4.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:2.4.5-8.el9_4.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.aarch64"
},
"product_reference": "389-ds-base-libs-0:2.4.5-8.el9_4.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:2.4.5-8.el9_4.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.ppc64le"
},
"product_reference": "389-ds-base-libs-0:2.4.5-8.el9_4.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:2.4.5-8.el9_4.s390x as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.s390x"
},
"product_reference": "389-ds-base-libs-0:2.4.5-8.el9_4.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:2.4.5-8.el9_4.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.x86_64"
},
"product_reference": "389-ds-base-libs-0:2.4.5-8.el9_4.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.aarch64"
},
"product_reference": "389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.ppc64le"
},
"product_reference": "389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.s390x as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.s390x"
},
"product_reference": "389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.x86_64"
},
"product_reference": "389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.aarch64"
},
"product_reference": "389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.ppc64le"
},
"product_reference": "389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.s390x as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.s390x"
},
"product_reference": "389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.x86_64"
},
"product_reference": "389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-lib389-0:2.4.5-8.el9_4.noarch as a component of Red Hat Enterprise Linux CRB (v. 9)",
"product_id": "CRB-9.4.0.Z.MAIN.EUS:python3-lib389-0:2.4.5-8.el9_4.noarch"
},
"product_reference": "python3-lib389-0:2.4.5-8.el9_4.noarch",
"relates_to_product_reference": "CRB-9.4.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-2199",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2267976"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying `userPassword` using malformed input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "LDAP servers are not usually exposed to the open internet, requiring adjacent connectivity for a successful attack. This issue also requires a compromised user account to perform the attack. Therefore, this flaw is rated as a Moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.src",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:python3-lib389-0:2.4.5-8.el9_4.noarch",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.src",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:python3-lib389-0:2.4.5-8.el9_4.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-2199"
},
{
"category": "external",
"summary": "RHBZ#2267976",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267976"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-2199",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2199"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-2199",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2199"
}
],
"release_date": "2024-05-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-06-11T19:53:52+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.src",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:python3-lib389-0:2.4.5-8.el9_4.noarch",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.src",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:python3-lib389-0:2.4.5-8.el9_4.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:3837"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.src",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:python3-lib389-0:2.4.5-8.el9_4.noarch",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.src",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:python3-lib389-0:2.4.5-8.el9_4.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.src",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:python3-lib389-0:2.4.5-8.el9_4.noarch",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.src",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:python3-lib389-0:2.4.5-8.el9_4.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c"
},
{
"cve": "CVE-2024-3657",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-04-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2274401"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is categorized as an important severity issue rather than a critical one because, while it can cause a denial of service by stopping the directory service, it does not allow for remote code execution, privilege escalation, or data exfiltration. The impact is limited to service disruption, which can be mitigated by monitoring and automatic service restarts. Additionally, exploiting this vulnerability requires specific crafted packets, indicating that an attacker would need a certain level of knowledge and access to execute the attack, reducing the likelihood of widespread exploitation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.src",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:python3-lib389-0:2.4.5-8.el9_4.noarch",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.src",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:python3-lib389-0:2.4.5-8.el9_4.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-3657"
},
{
"category": "external",
"summary": "RHBZ#2274401",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274401"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-3657",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3657"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-3657",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3657"
}
],
"release_date": "2024-05-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-06-11T19:53:52+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.src",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:python3-lib389-0:2.4.5-8.el9_4.noarch",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.src",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:python3-lib389-0:2.4.5-8.el9_4.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:3837"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.src",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:python3-lib389-0:2.4.5-8.el9_4.noarch",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.src",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:python3-lib389-0:2.4.5-8.el9_4.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.src",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.aarch64",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.s390x",
"AppStream-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.x86_64",
"AppStream-9.4.0.Z.MAIN.EUS:python3-lib389-0:2.4.5-8.el9_4.noarch",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.src",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debuginfo-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-debugsource-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-devel-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-libs-debuginfo-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.aarch64",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.ppc64le",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.s390x",
"CRB-9.4.0.Z.MAIN.EUS:389-ds-base-snmp-debuginfo-0:2.4.5-8.el9_4.x86_64",
"CRB-9.4.0.Z.MAIN.EUS:python3-lib389-0:2.4.5-8.el9_4.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request"
}
]
}
RHSA-2024:4092
Vulnerability from csaf_redhat - Published: 2024-06-25 11:13 - Updated: 2026-02-25 19:31Summary
Red Hat Security Advisory: redhat-ds:12 security, bug fix update
Severity
Important
Notes
Topic: An update for the redhat-ds:12 module is now available for Red Hat Directory Server 12.4 for RHEL 9.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details: Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol (LDAP) server, as well as command-line utilities and Web UI packages for server administration.
Security Fix(es):
* 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request (CVE-2024-3657) (2267976)
* 389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c (CVE-2024-2199) (2274401)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* One level scoped search now returns a subsuffix correctly (BZ#2292903)
* Improved performance of filter component evaluation when tested against a large value set, such as group members (BZ#2293001)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying `userPassword` using malformed input.
5.7 (Medium)
Affected products
Fixed
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-DirSrv-12.4:389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.src::redhat-ds:12 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-DirSrv-12.4:389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-DirSrv-12.4:389-ds-base-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-DirSrv-12.4:389-ds-base-debugsource-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-DirSrv-12.4:389-ds-base-devel-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-DirSrv-12.4:389-ds-base-libs-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-DirSrv-12.4:389-ds-base-libs-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-DirSrv-12.4:389-ds-base-snmp-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-DirSrv-12.4:389-ds-base-snmp-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-DirSrv-12.4:cockpit-389-ds-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch::redhat-ds:12 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-DirSrv-12.4:python3-lib389-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch::redhat-ds:12 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service
7.5 (High)
Affected products
Fixed
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-DirSrv-12.4:389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.src::redhat-ds:12 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-DirSrv-12.4:389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-DirSrv-12.4:389-ds-base-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-DirSrv-12.4:389-ds-base-debugsource-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-DirSrv-12.4:389-ds-base-devel-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-DirSrv-12.4:389-ds-base-libs-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-DirSrv-12.4:389-ds-base-libs-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-DirSrv-12.4:389-ds-base-snmp-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-DirSrv-12.4:389-ds-base-snmp-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-DirSrv-12.4:cockpit-389-ds-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch::redhat-ds:12 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-DirSrv-12.4:python3-lib389-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch::redhat-ds:12 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
15 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2024:4092 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2267976 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2274401 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2292903 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2293001 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2024-2199 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2267976 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-2199 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-2199 | external |
| https://access.redhat.com/security/cve/CVE-2024-3657 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2274401 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-3657 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-3657 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the redhat-ds:12 module is now available for Red Hat Directory Server 12.4 for RHEL 9.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol (LDAP) server, as well as command-line utilities and Web UI packages for server administration.\n\nSecurity Fix(es):\n\n* 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request (CVE-2024-3657) (2267976)\n\n* 389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c (CVE-2024-2199) (2274401)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* One level scoped search now returns a subsuffix correctly (BZ#2292903)\n\n* Improved performance of filter component evaluation when tested against a large value set, such as group members (BZ#2293001)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:4092",
"url": "https://access.redhat.com/errata/RHSA-2024:4092"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2267976",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267976"
},
{
"category": "external",
"summary": "2274401",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274401"
},
{
"category": "external",
"summary": "2292903",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292903"
},
{
"category": "external",
"summary": "2293001",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293001"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4092.json"
}
],
"title": "Red Hat Security Advisory: redhat-ds:12 security, bug fix update",
"tracking": {
"current_release_date": "2026-02-25T19:31:57+00:00",
"generator": {
"date": "2026-02-25T19:31:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2024:4092",
"initial_release_date": "2024-06-25T11:13:51+00:00",
"revision_history": [
{
"date": "2024-06-25T11:13:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-06-25T11:13:51+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-25T19:31:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Directory Server 12.4 for RHEL 9",
"product": {
"name": "Red Hat Directory Server 12.4 for RHEL 9",
"product_id": "9Base-DirSrv-12.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:directory_server:12.4::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Directory Server"
},
{
"branches": [
{
"category": "product_version",
"name": "389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.src::redhat-ds:12",
"product": {
"name": "389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.src (redhat-ds:12)",
"product_id": "389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.src::redhat-ds:12",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base@2.4.5-4.module%2Bel9dsrv%2B21964%2Bc7e95493?arch=src\u0026rpmmod=redhat-ds:12:9040020240604143706:1674d574"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"product": {
"name": "389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64 (redhat-ds:12)",
"product_id": "389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base@2.4.5-4.module%2Bel9dsrv%2B21964%2Bc7e95493?arch=x86_64\u0026rpmmod=redhat-ds:12:9040020240604143706:1674d574"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"product": {
"name": "389-ds-base-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64 (redhat-ds:12)",
"product_id": "389-ds-base-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-debuginfo@2.4.5-4.module%2Bel9dsrv%2B21964%2Bc7e95493?arch=x86_64\u0026rpmmod=redhat-ds:12:9040020240604143706:1674d574"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-debugsource-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"product": {
"name": "389-ds-base-debugsource-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64 (redhat-ds:12)",
"product_id": "389-ds-base-debugsource-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-debugsource@2.4.5-4.module%2Bel9dsrv%2B21964%2Bc7e95493?arch=x86_64\u0026rpmmod=redhat-ds:12:9040020240604143706:1674d574"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-devel-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"product": {
"name": "389-ds-base-devel-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64 (redhat-ds:12)",
"product_id": "389-ds-base-devel-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-devel@2.4.5-4.module%2Bel9dsrv%2B21964%2Bc7e95493?arch=x86_64\u0026rpmmod=redhat-ds:12:9040020240604143706:1674d574"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-libs-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"product": {
"name": "389-ds-base-libs-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64 (redhat-ds:12)",
"product_id": "389-ds-base-libs-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-libs@2.4.5-4.module%2Bel9dsrv%2B21964%2Bc7e95493?arch=x86_64\u0026rpmmod=redhat-ds:12:9040020240604143706:1674d574"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-libs-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"product": {
"name": "389-ds-base-libs-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64 (redhat-ds:12)",
"product_id": "389-ds-base-libs-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-libs-debuginfo@2.4.5-4.module%2Bel9dsrv%2B21964%2Bc7e95493?arch=x86_64\u0026rpmmod=redhat-ds:12:9040020240604143706:1674d574"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-snmp-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"product": {
"name": "389-ds-base-snmp-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64 (redhat-ds:12)",
"product_id": "389-ds-base-snmp-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-snmp@2.4.5-4.module%2Bel9dsrv%2B21964%2Bc7e95493?arch=x86_64\u0026rpmmod=redhat-ds:12:9040020240604143706:1674d574"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-snmp-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"product": {
"name": "389-ds-base-snmp-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64 (redhat-ds:12)",
"product_id": "389-ds-base-snmp-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-snmp-debuginfo@2.4.5-4.module%2Bel9dsrv%2B21964%2Bc7e95493?arch=x86_64\u0026rpmmod=redhat-ds:12:9040020240604143706:1674d574"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "cockpit-389-ds-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch::redhat-ds:12",
"product": {
"name": "cockpit-389-ds-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch (redhat-ds:12)",
"product_id": "cockpit-389-ds-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch::redhat-ds:12",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cockpit-389-ds@2.4.5-4.module%2Bel9dsrv%2B21964%2Bc7e95493?arch=noarch\u0026rpmmod=redhat-ds:12:9040020240604143706:1674d574"
}
}
},
{
"category": "product_version",
"name": "python3-lib389-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch::redhat-ds:12",
"product": {
"name": "python3-lib389-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch (redhat-ds:12)",
"product_id": "python3-lib389-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch::redhat-ds:12",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-lib389@2.4.5-4.module%2Bel9dsrv%2B21964%2Bc7e95493?arch=noarch\u0026rpmmod=redhat-ds:12:9040020240604143706:1674d574"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.src (redhat-ds:12) as a component of Red Hat Directory Server 12.4 for RHEL 9",
"product_id": "9Base-DirSrv-12.4:389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.src::redhat-ds:12"
},
"product_reference": "389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.src::redhat-ds:12",
"relates_to_product_reference": "9Base-DirSrv-12.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64 (redhat-ds:12) as a component of Red Hat Directory Server 12.4 for RHEL 9",
"product_id": "9Base-DirSrv-12.4:389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12"
},
"product_reference": "389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"relates_to_product_reference": "9Base-DirSrv-12.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64 (redhat-ds:12) as a component of Red Hat Directory Server 12.4 for RHEL 9",
"product_id": "9Base-DirSrv-12.4:389-ds-base-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12"
},
"product_reference": "389-ds-base-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"relates_to_product_reference": "9Base-DirSrv-12.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debugsource-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64 (redhat-ds:12) as a component of Red Hat Directory Server 12.4 for RHEL 9",
"product_id": "9Base-DirSrv-12.4:389-ds-base-debugsource-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12"
},
"product_reference": "389-ds-base-debugsource-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"relates_to_product_reference": "9Base-DirSrv-12.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64 (redhat-ds:12) as a component of Red Hat Directory Server 12.4 for RHEL 9",
"product_id": "9Base-DirSrv-12.4:389-ds-base-devel-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12"
},
"product_reference": "389-ds-base-devel-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"relates_to_product_reference": "9Base-DirSrv-12.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64 (redhat-ds:12) as a component of Red Hat Directory Server 12.4 for RHEL 9",
"product_id": "9Base-DirSrv-12.4:389-ds-base-libs-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12"
},
"product_reference": "389-ds-base-libs-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"relates_to_product_reference": "9Base-DirSrv-12.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64 (redhat-ds:12) as a component of Red Hat Directory Server 12.4 for RHEL 9",
"product_id": "9Base-DirSrv-12.4:389-ds-base-libs-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12"
},
"product_reference": "389-ds-base-libs-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"relates_to_product_reference": "9Base-DirSrv-12.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64 (redhat-ds:12) as a component of Red Hat Directory Server 12.4 for RHEL 9",
"product_id": "9Base-DirSrv-12.4:389-ds-base-snmp-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12"
},
"product_reference": "389-ds-base-snmp-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"relates_to_product_reference": "9Base-DirSrv-12.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64 (redhat-ds:12) as a component of Red Hat Directory Server 12.4 for RHEL 9",
"product_id": "9Base-DirSrv-12.4:389-ds-base-snmp-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12"
},
"product_reference": "389-ds-base-snmp-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"relates_to_product_reference": "9Base-DirSrv-12.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cockpit-389-ds-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch (redhat-ds:12) as a component of Red Hat Directory Server 12.4 for RHEL 9",
"product_id": "9Base-DirSrv-12.4:cockpit-389-ds-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch::redhat-ds:12"
},
"product_reference": "cockpit-389-ds-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch::redhat-ds:12",
"relates_to_product_reference": "9Base-DirSrv-12.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-lib389-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch (redhat-ds:12) as a component of Red Hat Directory Server 12.4 for RHEL 9",
"product_id": "9Base-DirSrv-12.4:python3-lib389-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch::redhat-ds:12"
},
"product_reference": "python3-lib389-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch::redhat-ds:12",
"relates_to_product_reference": "9Base-DirSrv-12.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-2199",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2267976"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying `userPassword` using malformed input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "LDAP servers are not usually exposed to the open internet, requiring adjacent connectivity for a successful attack. This issue also requires a compromised user account to perform the attack. Therefore, this flaw is rated as a Moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-DirSrv-12.4:389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.src::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-debugsource-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-devel-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-libs-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-libs-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-snmp-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-snmp-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:cockpit-389-ds-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch::redhat-ds:12",
"9Base-DirSrv-12.4:python3-lib389-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch::redhat-ds:12"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-2199"
},
{
"category": "external",
"summary": "RHBZ#2267976",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267976"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-2199",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2199"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-2199",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2199"
}
],
"release_date": "2024-05-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-06-25T11:13:51+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-DirSrv-12.4:389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.src::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-debugsource-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-devel-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-libs-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-libs-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-snmp-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-snmp-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:cockpit-389-ds-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch::redhat-ds:12",
"9Base-DirSrv-12.4:python3-lib389-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch::redhat-ds:12"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4092"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-DirSrv-12.4:389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.src::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-debugsource-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-devel-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-libs-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-libs-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-snmp-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-snmp-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:cockpit-389-ds-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch::redhat-ds:12",
"9Base-DirSrv-12.4:python3-lib389-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch::redhat-ds:12"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-DirSrv-12.4:389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.src::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-debugsource-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-devel-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-libs-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-libs-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-snmp-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-snmp-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:cockpit-389-ds-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch::redhat-ds:12",
"9Base-DirSrv-12.4:python3-lib389-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch::redhat-ds:12"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c"
},
{
"cve": "CVE-2024-3657",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-04-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2274401"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is categorized as an important severity issue rather than a critical one because, while it can cause a denial of service by stopping the directory service, it does not allow for remote code execution, privilege escalation, or data exfiltration. The impact is limited to service disruption, which can be mitigated by monitoring and automatic service restarts. Additionally, exploiting this vulnerability requires specific crafted packets, indicating that an attacker would need a certain level of knowledge and access to execute the attack, reducing the likelihood of widespread exploitation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-DirSrv-12.4:389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.src::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-debugsource-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-devel-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-libs-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-libs-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-snmp-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-snmp-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:cockpit-389-ds-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch::redhat-ds:12",
"9Base-DirSrv-12.4:python3-lib389-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch::redhat-ds:12"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-3657"
},
{
"category": "external",
"summary": "RHBZ#2274401",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274401"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-3657",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3657"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-3657",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3657"
}
],
"release_date": "2024-05-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-06-25T11:13:51+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-DirSrv-12.4:389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.src::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-debugsource-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-devel-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-libs-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-libs-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-snmp-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-snmp-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:cockpit-389-ds-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch::redhat-ds:12",
"9Base-DirSrv-12.4:python3-lib389-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch::redhat-ds:12"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4092"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-DirSrv-12.4:389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.src::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-debugsource-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-devel-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-libs-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-libs-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-snmp-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-snmp-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:cockpit-389-ds-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch::redhat-ds:12",
"9Base-DirSrv-12.4:python3-lib389-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch::redhat-ds:12"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-DirSrv-12.4:389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.src::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-debugsource-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-devel-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-libs-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-libs-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-snmp-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:389-ds-base-snmp-debuginfo-0:2.4.5-4.module+el9dsrv+21964+c7e95493.x86_64::redhat-ds:12",
"9Base-DirSrv-12.4:cockpit-389-ds-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch::redhat-ds:12",
"9Base-DirSrv-12.4:python3-lib389-0:2.4.5-4.module+el9dsrv+21964+c7e95493.noarch::redhat-ds:12"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request"
}
]
}
RHSA-2024:4209
Vulnerability from csaf_redhat - Published: 2024-07-02 08:02 - Updated: 2026-02-25 19:31Summary
Red Hat Security Advisory: redhat-ds:11 security and bug fix update
Severity
Important
Notes
Topic: An update for the redhat-ds:11 module is now available for Red Hat Directory Server 11.2 for RHEL 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol (LDAP) server, as well as command-line utilities and Web UI packages for server administration.
Security Fix(s):
* 389-ds-base: Potential denial of service via specially crafted kerberos AS-REQ request (CVE-2024-3657) (BZ#2274401)
* 389-ds-base: Authenticated user can cause a server failure while modifying `userPassword` using malformed input (CVE-2024-2199) (BZ#2267976)
* 389-ds-base: Denial of service when writing a value larger than 256 chars in log_entry_attr (CVE-2024-1062) (BZ#2261879)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug fix(es):
* Directory Server now flushes the entry cache less frequently (BZ#2268177)
* The `ns-slapd` binary is now linked with the thread-safe `libldap_r` library, no longer causing segmentation fault (BZ#2264534)
Users of Red Hat Directory Server 11 are advised to install these updated packages.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.
5.5 (Medium)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.src::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-debugsource-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-devel-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-legacy-tools-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-legacy-tools-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-libs-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-libs-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-snmp-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-snmp-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:cockpit-389-ds-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:python3-lib389-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying `userPassword` using malformed input.
5.7 (Medium)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.src::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-debugsource-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-devel-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-legacy-tools-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-legacy-tools-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-libs-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-libs-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-snmp-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-snmp-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:cockpit-389-ds-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:python3-lib389-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service
7.5 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.src::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-debugsource-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-devel-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-legacy-tools-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-legacy-tools-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-libs-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-libs-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-snmp-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:389-ds-base-snmp-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:cockpit-389-ds-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-DirSrv-11.8:python3-lib389-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
21 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2024:4209 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2261879 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2267976 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2268183 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2274367 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2274401 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2024-1062 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2261879 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-1062 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-1062 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2256711 | external |
| https://access.redhat.com/security/cve/CVE-2024-2199 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2267976 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-2199 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-2199 | external |
| https://access.redhat.com/security/cve/CVE-2024-3657 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2274401 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-3657 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-3657 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the redhat-ds:11 module is now available for Red Hat Directory Server 11.2 for RHEL 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol (LDAP) server, as well as command-line utilities and Web UI packages for server administration.\n\nSecurity Fix(s):\n* 389-ds-base: Potential denial of service via specially crafted kerberos AS-REQ request (CVE-2024-3657) (BZ#2274401)\n\n* 389-ds-base: Authenticated user can cause a server failure while modifying `userPassword` using malformed input (CVE-2024-2199) (BZ#2267976)\n\n* 389-ds-base: Denial of service when writing a value larger than 256 chars in log_entry_attr (CVE-2024-1062) (BZ#2261879)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug fix(es):\n\n* Directory Server now flushes the entry cache less frequently (BZ#2268177)\n\n* The `ns-slapd` binary is now linked with the thread-safe `libldap_r` library, no longer causing segmentation fault (BZ#2264534)\n\nUsers of Red Hat Directory Server 11 are advised to install these updated packages.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:4209",
"url": "https://access.redhat.com/errata/RHSA-2024:4209"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2261879",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2261879"
},
{
"category": "external",
"summary": "2267976",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267976"
},
{
"category": "external",
"summary": "2268183",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268183"
},
{
"category": "external",
"summary": "2274367",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274367"
},
{
"category": "external",
"summary": "2274401",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274401"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4209.json"
}
],
"title": "Red Hat Security Advisory: redhat-ds:11 security and bug fix update",
"tracking": {
"current_release_date": "2026-02-25T19:31:57+00:00",
"generator": {
"date": "2026-02-25T19:31:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2024:4209",
"initial_release_date": "2024-07-02T08:02:32+00:00",
"revision_history": [
{
"date": "2024-07-02T08:02:32+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-07-02T08:02:33+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-25T19:31:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Directory Server 11.8 for RHEL 8",
"product": {
"name": "Red Hat Directory Server 11.8 for RHEL 8",
"product_id": "8Base-DirSrv-11.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:directory_server:11.8::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Directory Server"
},
{
"branches": [
{
"category": "product_version",
"name": "389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.src::redhat-ds:11",
"product": {
"name": "389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.src (redhat-ds:11)",
"product_id": "389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.src::redhat-ds:11",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base@1.4.3.37-10.module%2Bel8dsrv%2B21971%2Bf7435891?arch=src\u0026rpmmod=redhat-ds:11:8090020240606122459:91529cd0"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"product": {
"name": "389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64 (redhat-ds:11)",
"product_id": "389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base@1.4.3.37-10.module%2Bel8dsrv%2B21971%2Bf7435891?arch=x86_64\u0026rpmmod=redhat-ds:11:8090020240606122459:91529cd0"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"product": {
"name": "389-ds-base-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64 (redhat-ds:11)",
"product_id": "389-ds-base-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-debuginfo@1.4.3.37-10.module%2Bel8dsrv%2B21971%2Bf7435891?arch=x86_64\u0026rpmmod=redhat-ds:11:8090020240606122459:91529cd0"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-debugsource-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"product": {
"name": "389-ds-base-debugsource-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64 (redhat-ds:11)",
"product_id": "389-ds-base-debugsource-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-debugsource@1.4.3.37-10.module%2Bel8dsrv%2B21971%2Bf7435891?arch=x86_64\u0026rpmmod=redhat-ds:11:8090020240606122459:91529cd0"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-devel-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"product": {
"name": "389-ds-base-devel-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64 (redhat-ds:11)",
"product_id": "389-ds-base-devel-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-devel@1.4.3.37-10.module%2Bel8dsrv%2B21971%2Bf7435891?arch=x86_64\u0026rpmmod=redhat-ds:11:8090020240606122459:91529cd0"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-legacy-tools-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"product": {
"name": "389-ds-base-legacy-tools-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64 (redhat-ds:11)",
"product_id": "389-ds-base-legacy-tools-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-legacy-tools@1.4.3.37-10.module%2Bel8dsrv%2B21971%2Bf7435891?arch=x86_64\u0026rpmmod=redhat-ds:11:8090020240606122459:91529cd0"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-legacy-tools-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"product": {
"name": "389-ds-base-legacy-tools-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64 (redhat-ds:11)",
"product_id": "389-ds-base-legacy-tools-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-legacy-tools-debuginfo@1.4.3.37-10.module%2Bel8dsrv%2B21971%2Bf7435891?arch=x86_64\u0026rpmmod=redhat-ds:11:8090020240606122459:91529cd0"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-libs-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"product": {
"name": "389-ds-base-libs-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64 (redhat-ds:11)",
"product_id": "389-ds-base-libs-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-libs@1.4.3.37-10.module%2Bel8dsrv%2B21971%2Bf7435891?arch=x86_64\u0026rpmmod=redhat-ds:11:8090020240606122459:91529cd0"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-libs-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"product": {
"name": "389-ds-base-libs-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64 (redhat-ds:11)",
"product_id": "389-ds-base-libs-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-libs-debuginfo@1.4.3.37-10.module%2Bel8dsrv%2B21971%2Bf7435891?arch=x86_64\u0026rpmmod=redhat-ds:11:8090020240606122459:91529cd0"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-snmp-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"product": {
"name": "389-ds-base-snmp-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64 (redhat-ds:11)",
"product_id": "389-ds-base-snmp-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-snmp@1.4.3.37-10.module%2Bel8dsrv%2B21971%2Bf7435891?arch=x86_64\u0026rpmmod=redhat-ds:11:8090020240606122459:91529cd0"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-snmp-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"product": {
"name": "389-ds-base-snmp-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64 (redhat-ds:11)",
"product_id": "389-ds-base-snmp-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-snmp-debuginfo@1.4.3.37-10.module%2Bel8dsrv%2B21971%2Bf7435891?arch=x86_64\u0026rpmmod=redhat-ds:11:8090020240606122459:91529cd0"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "cockpit-389-ds-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11",
"product": {
"name": "cockpit-389-ds-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch (redhat-ds:11)",
"product_id": "cockpit-389-ds-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cockpit-389-ds@1.4.3.37-10.module%2Bel8dsrv%2B21971%2Bf7435891?arch=noarch\u0026rpmmod=redhat-ds:11:8090020240606122459:91529cd0"
}
}
},
{
"category": "product_version",
"name": "python3-lib389-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11",
"product": {
"name": "python3-lib389-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch (redhat-ds:11)",
"product_id": "python3-lib389-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-lib389@1.4.3.37-10.module%2Bel8dsrv%2B21971%2Bf7435891?arch=noarch\u0026rpmmod=redhat-ds:11:8090020240606122459:91529cd0"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.src (redhat-ds:11) as a component of Red Hat Directory Server 11.8 for RHEL 8",
"product_id": "8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.src::redhat-ds:11"
},
"product_reference": "389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.src::redhat-ds:11",
"relates_to_product_reference": "8Base-DirSrv-11.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64 (redhat-ds:11) as a component of Red Hat Directory Server 11.8 for RHEL 8",
"product_id": "8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11"
},
"product_reference": "389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"relates_to_product_reference": "8Base-DirSrv-11.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64 (redhat-ds:11) as a component of Red Hat Directory Server 11.8 for RHEL 8",
"product_id": "8Base-DirSrv-11.8:389-ds-base-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11"
},
"product_reference": "389-ds-base-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"relates_to_product_reference": "8Base-DirSrv-11.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debugsource-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64 (redhat-ds:11) as a component of Red Hat Directory Server 11.8 for RHEL 8",
"product_id": "8Base-DirSrv-11.8:389-ds-base-debugsource-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11"
},
"product_reference": "389-ds-base-debugsource-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"relates_to_product_reference": "8Base-DirSrv-11.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64 (redhat-ds:11) as a component of Red Hat Directory Server 11.8 for RHEL 8",
"product_id": "8Base-DirSrv-11.8:389-ds-base-devel-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11"
},
"product_reference": "389-ds-base-devel-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"relates_to_product_reference": "8Base-DirSrv-11.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-legacy-tools-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64 (redhat-ds:11) as a component of Red Hat Directory Server 11.8 for RHEL 8",
"product_id": "8Base-DirSrv-11.8:389-ds-base-legacy-tools-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11"
},
"product_reference": "389-ds-base-legacy-tools-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"relates_to_product_reference": "8Base-DirSrv-11.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-legacy-tools-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64 (redhat-ds:11) as a component of Red Hat Directory Server 11.8 for RHEL 8",
"product_id": "8Base-DirSrv-11.8:389-ds-base-legacy-tools-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11"
},
"product_reference": "389-ds-base-legacy-tools-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"relates_to_product_reference": "8Base-DirSrv-11.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64 (redhat-ds:11) as a component of Red Hat Directory Server 11.8 for RHEL 8",
"product_id": "8Base-DirSrv-11.8:389-ds-base-libs-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11"
},
"product_reference": "389-ds-base-libs-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"relates_to_product_reference": "8Base-DirSrv-11.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64 (redhat-ds:11) as a component of Red Hat Directory Server 11.8 for RHEL 8",
"product_id": "8Base-DirSrv-11.8:389-ds-base-libs-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11"
},
"product_reference": "389-ds-base-libs-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"relates_to_product_reference": "8Base-DirSrv-11.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64 (redhat-ds:11) as a component of Red Hat Directory Server 11.8 for RHEL 8",
"product_id": "8Base-DirSrv-11.8:389-ds-base-snmp-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11"
},
"product_reference": "389-ds-base-snmp-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"relates_to_product_reference": "8Base-DirSrv-11.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64 (redhat-ds:11) as a component of Red Hat Directory Server 11.8 for RHEL 8",
"product_id": "8Base-DirSrv-11.8:389-ds-base-snmp-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11"
},
"product_reference": "389-ds-base-snmp-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"relates_to_product_reference": "8Base-DirSrv-11.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cockpit-389-ds-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch (redhat-ds:11) as a component of Red Hat Directory Server 11.8 for RHEL 8",
"product_id": "8Base-DirSrv-11.8:cockpit-389-ds-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11"
},
"product_reference": "cockpit-389-ds-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11",
"relates_to_product_reference": "8Base-DirSrv-11.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-lib389-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch (redhat-ds:11) as a component of Red Hat Directory Server 11.8 for RHEL 8",
"product_id": "8Base-DirSrv-11.8:python3-lib389-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11"
},
"product_reference": "python3-lib389-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11",
"relates_to_product_reference": "8Base-DirSrv-11.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-1062",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2024-01-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2261879"
}
],
"notes": [
{
"category": "description",
"text": "A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "389-ds-base: a heap overflow leading to denail-of-servce while writing a value larger than 256 chars (in log_entry_attr)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.src::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-debugsource-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-devel-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-legacy-tools-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-legacy-tools-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-libs-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-libs-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-snmp-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-snmp-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:cockpit-389-ds-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11",
"8Base-DirSrv-11.8:python3-lib389-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-1062"
},
{
"category": "external",
"summary": "RHBZ#2261879",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2261879"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-1062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1062"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-1062",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1062"
},
{
"category": "external",
"summary": "https://bugzilla.redhat.com/show_bug.cgi?id=2256711",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256711"
}
],
"release_date": "2024-01-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-07-02T08:02:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.src::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-debugsource-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-devel-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-legacy-tools-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-legacy-tools-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-libs-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-libs-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-snmp-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-snmp-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:cockpit-389-ds-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11",
"8Base-DirSrv-11.8:python3-lib389-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4209"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.src::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-debugsource-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-devel-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-legacy-tools-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-legacy-tools-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-libs-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-libs-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-snmp-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-snmp-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:cockpit-389-ds-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11",
"8Base-DirSrv-11.8:python3-lib389-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.src::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-debugsource-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-devel-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-legacy-tools-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-legacy-tools-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-libs-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-libs-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-snmp-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-snmp-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:cockpit-389-ds-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11",
"8Base-DirSrv-11.8:python3-lib389-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "389-ds-base: a heap overflow leading to denail-of-servce while writing a value larger than 256 chars (in log_entry_attr)"
},
{
"cve": "CVE-2024-2199",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2267976"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying `userPassword` using malformed input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "LDAP servers are not usually exposed to the open internet, requiring adjacent connectivity for a successful attack. This issue also requires a compromised user account to perform the attack. Therefore, this flaw is rated as a Moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.src::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-debugsource-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-devel-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-legacy-tools-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-legacy-tools-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-libs-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-libs-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-snmp-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-snmp-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:cockpit-389-ds-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11",
"8Base-DirSrv-11.8:python3-lib389-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-2199"
},
{
"category": "external",
"summary": "RHBZ#2267976",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267976"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-2199",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2199"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-2199",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2199"
}
],
"release_date": "2024-05-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-07-02T08:02:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.src::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-debugsource-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-devel-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-legacy-tools-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-legacy-tools-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-libs-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-libs-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-snmp-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-snmp-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:cockpit-389-ds-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11",
"8Base-DirSrv-11.8:python3-lib389-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4209"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.src::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-debugsource-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-devel-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-legacy-tools-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-legacy-tools-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-libs-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-libs-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-snmp-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-snmp-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:cockpit-389-ds-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11",
"8Base-DirSrv-11.8:python3-lib389-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.src::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-debugsource-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-devel-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-legacy-tools-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-legacy-tools-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-libs-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-libs-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-snmp-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-snmp-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:cockpit-389-ds-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11",
"8Base-DirSrv-11.8:python3-lib389-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c"
},
{
"cve": "CVE-2024-3657",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-04-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2274401"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is categorized as an important severity issue rather than a critical one because, while it can cause a denial of service by stopping the directory service, it does not allow for remote code execution, privilege escalation, or data exfiltration. The impact is limited to service disruption, which can be mitigated by monitoring and automatic service restarts. Additionally, exploiting this vulnerability requires specific crafted packets, indicating that an attacker would need a certain level of knowledge and access to execute the attack, reducing the likelihood of widespread exploitation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.src::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-debugsource-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-devel-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-legacy-tools-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-legacy-tools-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-libs-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-libs-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-snmp-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-snmp-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:cockpit-389-ds-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11",
"8Base-DirSrv-11.8:python3-lib389-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-3657"
},
{
"category": "external",
"summary": "RHBZ#2274401",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274401"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-3657",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3657"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-3657",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3657"
}
],
"release_date": "2024-05-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-07-02T08:02:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.src::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-debugsource-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-devel-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-legacy-tools-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-legacy-tools-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-libs-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-libs-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-snmp-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-snmp-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:cockpit-389-ds-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11",
"8Base-DirSrv-11.8:python3-lib389-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4209"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.src::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-debugsource-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-devel-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-legacy-tools-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-legacy-tools-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-libs-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-libs-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-snmp-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-snmp-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:cockpit-389-ds-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11",
"8Base-DirSrv-11.8:python3-lib389-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.src::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-debugsource-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-devel-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-legacy-tools-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-legacy-tools-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-libs-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-libs-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-snmp-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:389-ds-base-snmp-debuginfo-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.x86_64::redhat-ds:11",
"8Base-DirSrv-11.8:cockpit-389-ds-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11",
"8Base-DirSrv-11.8:python3-lib389-0:1.4.3.37-10.module+el8dsrv+21971+f7435891.noarch::redhat-ds:11"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…