Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-8445 (GCVE-0-2024-8445)
Vulnerability from cvelistv5 – Published: 2024-09-05 14:24 – Updated: 2025-11-06 23:16
VLAI
EPSS
Title
389-ds-base: server crash while modifying `userpassword` using malformed input (incomplete fix for cve-2024-2199)
Summary
The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying `userPassword` using malformed input.
Severity
5.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2024:7434 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/security/cve/CVE-2024-8445 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2310110 | issue-trackingx_refsource_REDHAT |
| https://lists.debian.org/debian-lts-announce/2025… |
Impacted products
8 products
| Vendor | Product | Version | |
|---|---|---|---|
|
Affected:
3.1.1
(semver)
|
|||
| Red Hat | Red Hat Enterprise Linux 7 Extended Lifecycle Support |
Unaffected:
0:1.3.11.1-7.el7_9 , < *
(rpm)
cpe:/o:redhat:rhel_els:7 |
|
| Red Hat | Red Hat Directory Server 11 |
cpe:/a:redhat:directory_server:11 |
|
| Red Hat | Red Hat Directory Server 12 |
cpe:/a:redhat:directory_server:12 |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 6 |
cpe:/o:redhat:enterprise_linux:6 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
Date Public
2024-09-05 00:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8445",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T19:58:06.641154Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T19:58:15.942Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:56:29.062Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00015.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/389ds/389-ds-base",
"defaultStatus": "unknown",
"packageName": "389-ds-base",
"versions": [
{
"status": "affected",
"version": "3.1.1",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_els:7"
],
"defaultStatus": "affected",
"packageName": "389-ds-base",
"product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.3.11.1-7.el7_9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:directory_server:11"
],
"defaultStatus": "unaffected",
"packageName": "redhat-ds:11/389-ds-base",
"product": "Red Hat Directory Server 11",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:directory_server:12"
],
"defaultStatus": "unaffected",
"packageName": "redhat-ds:12/389-ds-base",
"product": "Red Hat Directory Server 12",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "389-ds-base",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unaffected",
"packageName": "389-ds-base",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "389-ds:1.4/389-ds-base",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "389-ds-base",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
}
],
"datePublic": "2024-09-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying `userPassword` using malformed input."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T23:16:47.118Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2024:7434",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:7434"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-8445"
},
{
"name": "RHBZ#2310110",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310110"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-09-05T00:18:40.983Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-09-05T00:00:00.000Z",
"value": "Made public."
}
],
"title": "389-ds-base: server crash while modifying `userpassword` using malformed input (incomplete fix for cve-2024-2199)",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_redhatCweChain": "CWE-20: Improper Input Validation"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2024-8445",
"datePublished": "2024-09-05T14:24:01.125Z",
"dateReserved": "2024-09-05T00:28:32.318Z",
"dateUpdated": "2025-11-06T23:16:47.118Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-8445",
"date": "2026-06-04",
"epss": "0.00076",
"percentile": "0.22952"
},
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying `userPassword` using malformed input.\"}, {\"lang\": \"es\", \"value\": \"La correcci\\u00f3n de CVE-2024-2199 en 389-ds-base no fue suficiente para cubrir todos los escenarios. En ciertas versiones del producto, un usuario autenticado puede provocar un bloqueo del servidor al modificar `userPassword` mediante una entrada mal formada.\"}]",
"id": "CVE-2024-8445",
"lastModified": "2024-10-01T06:15:02.650",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.7, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.1, \"impactScore\": 3.6}]}",
"published": "2024-09-05T15:15:16.927",
"references": "[{\"url\": \"https://access.redhat.com/errata/RHSA-2024:7434\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2024-8445\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2310110\", \"source\": \"secalert@redhat.com\"}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": "[{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-8445\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2024-09-05T15:15:16.927\",\"lastModified\":\"2025-11-03T21:18:48.557\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying `userPassword` using malformed input.\"},{\"lang\":\"es\",\"value\":\"La correcci\u00f3n de CVE-2024-2199 en 389-ds-base no fue suficiente para cubrir todos los escenarios. En ciertas versiones del producto, un usuario autenticado puede provocar un bloqueo del servidor al modificar `userPassword` mediante una entrada mal formada.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.1,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2024:7434\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2024-8445\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2310110\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/01/msg00015.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lists.debian.org/debian-lts-announce/2025/01/msg00015.html\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-03T20:56:29.062Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-8445\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-05T19:58:06.641154Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-05T19:58:11.798Z\"}}], \"cna\": {\"title\": \"389-ds-base: server crash while modifying `userpassword` using malformed input (incomplete fix for cve-2024-2199)\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Moderate\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.7, \"attackVector\": \"ADJACENT_NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"versions\": [{\"status\": \"affected\", \"version\": \"3.1.1\", \"versionType\": \"semver\"}], \"packageName\": \"389-ds-base\", \"collectionURL\": \"https://github.com/389ds/389-ds-base\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_els:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 7 Extended Lifecycle Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:1.3.11.1-7.el7_9\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"389-ds-base\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:directory_server:11\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Directory Server 11\", \"packageName\": \"redhat-ds:11/389-ds-base\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:directory_server:12\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Directory Server 12\", \"packageName\": \"redhat-ds:12/389-ds-base\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"packageName\": \"389-ds-base\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 6\", \"packageName\": \"389-ds-base\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"packageName\": \"389-ds:1.4/389-ds-base\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"packageName\": \"389-ds-base\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-09-05T00:18:40.983000+00:00\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2024-09-05T00:00:00+00:00\", \"value\": \"Made public.\"}], \"datePublic\": \"2024-09-05T00:00:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2024:7434\", \"name\": \"RHSA-2024:7434\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2024-8445\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2310110\", \"name\": \"RHBZ#2310110\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying `userPassword` using malformed input.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"Improper Input Validation\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2025-11-06T23:16:47.118Z\"}, \"x_redhatCweChain\": \"CWE-20: Improper Input Validation\"}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-8445\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-06T23:16:47.118Z\", \"dateReserved\": \"2024-09-05T00:28:32.318Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2024-09-05T14:24:01.125Z\", \"assignerShortName\": \"redhat\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Title
Уязвимость пакета 389-ds-base операционных систем Debian GNU/Linux и Red Hat Enterprise Linux, позволяющая нарушителю вызвать отказ в обслуживании
Description
Уязвимость пакета 389-ds-base операционных систем Debian GNU/Linux и Red Hat Enterprise Linux существует из-за недостаточной проверки входных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вызвать отказ в обслуживании при изменении параметра userPassword с использованием неправильно сформированного ввода
Severity
Vendor
Red Hat Inc., Сообщество свободного программного обеспечения
Software Name
Red Hat Enterprise Linux, Debian GNU/Linux
Software Version
7 (Red Hat Enterprise Linux), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux)
Possible Mitigations
Компенсирующие меры:
- отключение неиспользуемых учетных записей, а также учетных записей недоверенных пользователей;
- принудительная смена паролей пользователей;
- реализация дополнительных проверок на уровне приложения для фильтрации или валидации ввода перед его обработкой с помощью сторонних программных средств;
- фильтрация входных данных на уровне веб-приложений
- использование антивирусных средств защиты;
- мониторинг действий пользователей.
Использование рекомендаций:
Для Debian GNU/Linux:
https://security-tracker.debian.org/tracker/CVE-2024-8445
Для программных продуктов Red Hat Inc.:
https://access.redhat.com/security/cve/CVE-2024-8445
Reference
https://bugzilla.redhat.com/show_bug.cgi?id=2310110
https://access.redhat.com/security/cve/CVE-2024-8445
https://security-tracker.debian.org/tracker/CVE-2024-8445
CWE
CWE-20
{
"CVSS 2.0": "AV:A/AC:L/Au:S/C:N/I:N/A:C",
"CVSS 3.0": "AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Red Hat Inc., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "7 (Red Hat Enterprise Linux), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u043d\u0435\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u043d\u0435\u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439;\n- \u043f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u0441\u043c\u0435\u043d\u0430 \u043f\u0430\u0440\u043e\u043b\u0435\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439;\n- \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u0440\u043e\u0432\u0435\u0440\u043e\u043a \u043d\u0430 \u0443\u0440\u043e\u0432\u043d\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u0438 \u0438\u043b\u0438 \u0432\u0430\u043b\u0438\u0434\u0430\u0446\u0438\u0438 \u0432\u0432\u043e\u0434\u0430 \u043f\u0435\u0440\u0435\u0434 \u0435\u0433\u043e \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0441\u0442\u0432;\n- \u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u044f \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043d\u0430 \u0443\u0440\u043e\u0432\u043d\u0435 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u0437\u0430\u0449\u0438\u0442\u044b;\n- \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2024-8445\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/CVE-2024-8445",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "05.09.2024",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "06.09.2024",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "06.09.2024",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-06729",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-8445",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Red Hat Enterprise Linux, Debian GNU/Linux",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Red Hat Inc. Red Hat Enterprise Linux 7 ",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0430\u043a\u0435\u0442\u0430 389-ds-base \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Debian GNU/Linux \u0438 Red Hat Enterprise Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0430\u043a\u0435\u0442\u0430 389-ds-base \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Debian GNU/Linux \u0438 Red Hat Enterprise Linux \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u043f\u0440\u0438 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0438 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430 userPassword \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0432\u0432\u043e\u0434\u0430",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://bugzilla.redhat.com/show_bug.cgi?id=2310110\nhttps://access.redhat.com/security/cve/CVE-2024-8445\nhttps://security-tracker.debian.org/tracker/CVE-2024-8445",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,7)"
}
FKIE_CVE-2024-8445
Vulnerability from fkie_nvd - Published: 2024-09-05 15:15 - Updated: 2026-04-15 00:35
Severity
Summary
The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying `userPassword` using malformed input.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying `userPassword` using malformed input."
},
{
"lang": "es",
"value": "La correcci\u00f3n de CVE-2024-2199 en 389-ds-base no fue suficiente para cubrir todos los escenarios. En ciertas versiones del producto, un usuario autenticado puede provocar un bloqueo del servidor al modificar `userPassword` mediante una entrada mal formada."
}
],
"id": "CVE-2024-8445",
"lastModified": "2026-04-15T00:35:42.020",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.1,
"impactScore": 3.6,
"source": "secalert@redhat.com",
"type": "Secondary"
}
]
},
"published": "2024-09-05T15:15:16.927",
"references": [
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2024:7434"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/security/cve/CVE-2024-8445"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310110"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00015.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
}
]
}
GHSA-9Q6M-VR5H-RQQ5
Vulnerability from github – Published: 2024-09-05 15:33 – Updated: 2025-11-03 21:31
VLAI
Details
The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying userPassword using malformed input.
Severity
5.7 (Medium)
{
"affected": [],
"aliases": [
"CVE-2024-8445"
],
"database_specific": {
"cwe_ids": [
"CWE-20"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-05T15:15:16Z",
"severity": "MODERATE"
},
"details": "The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying `userPassword` using malformed input.",
"id": "GHSA-9q6m-vr5h-rqq5",
"modified": "2025-11-03T21:31:12Z",
"published": "2024-09-05T15:33:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8445"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:7434"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2024-8445"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310110"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00015.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
RHSA-2024:7434
Vulnerability from csaf_redhat - Published: 2024-10-01 00:54 - Updated: 2026-03-18 02:46Summary
Red Hat Security Advisory: 389-ds-base security update
Severity
Moderate
Notes
Topic: An update for 389-ds-base is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: 389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.
Security Fix(es):
* 389-ds-base: server crash while modifying `userPassword` using malformed input (Incomplete fix for CVE-2024-2199) (CVE-2024-8445)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying `userPassword` using malformed input.
5.7 (Medium)
Affected products
Fixed
42 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for 389-ds-base is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.\n\nSecurity Fix(es):\n\n* 389-ds-base: server crash while modifying `userPassword` using malformed input (Incomplete fix for CVE-2024-2199) (CVE-2024-8445)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:7434",
"url": "https://access.redhat.com/errata/RHSA-2024:7434"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2310110",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310110"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7434.json"
}
],
"title": "Red Hat Security Advisory: 389-ds-base security update",
"tracking": {
"current_release_date": "2026-03-18T02:46:35+00:00",
"generator": {
"date": "2026-03-18T02:46:35+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2024:7434",
"initial_release_date": "2024-10-01T00:54:28+00:00",
"revision_history": [
{
"date": "2024-10-01T00:54:28+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-01-13T10:04:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-18T02:46:35+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7 ELS)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_els:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_els:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "389-ds-base-0:1.3.11.1-7.el7_9.src",
"product": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.src",
"product_id": "389-ds-base-0:1.3.11.1-7.el7_9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base@1.3.11.1-7.el7_9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "389-ds-base-0:1.3.11.1-7.el7_9.x86_64",
"product": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.x86_64",
"product_id": "389-ds-base-0:1.3.11.1-7.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base@1.3.11.1-7.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64",
"product": {
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64",
"product_id": "389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-libs@1.3.11.1-7.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64",
"product": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64",
"product_id": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-debuginfo@1.3.11.1-7.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64",
"product": {
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64",
"product_id": "389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-devel@1.3.11.1-7.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64",
"product": {
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64",
"product_id": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-snmp@1.3.11.1-7.el7_9?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "389-ds-base-0:1.3.11.1-7.el7_9.ppc64le",
"product": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.ppc64le",
"product_id": "389-ds-base-0:1.3.11.1-7.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base@1.3.11.1-7.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le",
"product": {
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le",
"product_id": "389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-libs@1.3.11.1-7.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le",
"product": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le",
"product_id": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-debuginfo@1.3.11.1-7.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le",
"product": {
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le",
"product_id": "389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-devel@1.3.11.1-7.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le",
"product": {
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le",
"product_id": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-snmp@1.3.11.1-7.el7_9?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "389-ds-base-0:1.3.11.1-7.el7_9.s390x",
"product": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.s390x",
"product_id": "389-ds-base-0:1.3.11.1-7.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base@1.3.11.1-7.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x",
"product": {
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x",
"product_id": "389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-devel@1.3.11.1-7.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x",
"product": {
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x",
"product_id": "389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-libs@1.3.11.1-7.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x",
"product": {
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x",
"product_id": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-snmp@1.3.11.1-7.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x",
"product": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x",
"product_id": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-debuginfo@1.3.11.1-7.el7_9?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "389-ds-base-0:1.3.11.1-7.el7_9.ppc64",
"product": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.ppc64",
"product_id": "389-ds-base-0:1.3.11.1-7.el7_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base@1.3.11.1-7.el7_9?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64",
"product": {
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64",
"product_id": "389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-devel@1.3.11.1-7.el7_9?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64",
"product": {
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64",
"product_id": "389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-libs@1.3.11.1-7.el7_9?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64",
"product": {
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64",
"product_id": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-snmp@1.3.11.1-7.el7_9?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64",
"product": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64",
"product_id": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-debuginfo@1.3.11.1-7.el7_9?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64"
},
"product_reference": "389-ds-base-0:1.3.11.1-7.el7_9.ppc64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64le"
},
"product_reference": "389-ds-base-0:1.3.11.1-7.el7_9.ppc64le",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.s390x"
},
"product_reference": "389-ds-base-0:1.3.11.1-7.el7_9.s390x",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.src as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.src"
},
"product_reference": "389-ds-base-0:1.3.11.1-7.el7_9.src",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.x86_64"
},
"product_reference": "389-ds-base-0:1.3.11.1-7.el7_9.x86_64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64"
},
"product_reference": "389-ds-base-0:1.3.11.1-7.el7_9.ppc64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64le"
},
"product_reference": "389-ds-base-0:1.3.11.1-7.el7_9.ppc64le",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.s390x"
},
"product_reference": "389-ds-base-0:1.3.11.1-7.el7_9.s390x",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.src as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.src"
},
"product_reference": "389-ds-base-0:1.3.11.1-7.el7_9.src",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.x86_64"
},
"product_reference": "389-ds-base-0:1.3.11.1-7.el7_9.x86_64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64",
"relates_to_product_reference": "7Server-optional-ELS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-8445",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-09-05T00:18:40.983000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310110"
}
],
"notes": [
{
"category": "description",
"text": "The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying `userPassword` using malformed input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "389-ds-base: server crash while modifying `userPassword` using malformed input (Incomplete fix for CVE-2024-2199)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.src",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.src",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8445"
},
{
"category": "external",
"summary": "RHBZ#2310110",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310110"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8445",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8445"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8445",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8445"
}
],
"release_date": "2024-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-01T00:54:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.src",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.src",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7434"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.src",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.src",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.src",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.src",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "389-ds-base: server crash while modifying `userPassword` using malformed input (Incomplete fix for CVE-2024-2199)"
}
]
}
RHSA-2024_7434
Vulnerability from csaf_redhat - Published: 2024-10-01 00:54 - Updated: 2024-11-24 19:33Summary
Red Hat Security Advisory: 389-ds-base security update
Severity
Moderate
Notes
Topic: An update for 389-ds-base is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7-ELS Release Notes linked from the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying `userPassword` using malformed input.
5.7 (Medium)
Affected products
Fixed
42 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
9 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for 389-ds-base is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7-ELS Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:7434",
"url": "https://access.redhat.com/errata/RHSA-2024:7434"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/7-ELS/html/7-ELS_release_notes/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/7-ELS/html/7-ELS_release_notes/index"
},
{
"category": "external",
"summary": "2310110",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310110"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7434.json"
}
],
"title": "Red Hat Security Advisory: 389-ds-base security update",
"tracking": {
"current_release_date": "2024-11-24T19:33:24+00:00",
"generator": {
"date": "2024-11-24T19:33:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2024:7434",
"initial_release_date": "2024-10-01T00:54:28+00:00",
"revision_history": [
{
"date": "2024-10-01T00:54:28+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-01T00:54:28+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-24T19:33:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7 ELS)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_els:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_els:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "389-ds-base-0:1.3.11.1-7.el7_9.src",
"product": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.src",
"product_id": "389-ds-base-0:1.3.11.1-7.el7_9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base@1.3.11.1-7.el7_9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "389-ds-base-0:1.3.11.1-7.el7_9.x86_64",
"product": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.x86_64",
"product_id": "389-ds-base-0:1.3.11.1-7.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base@1.3.11.1-7.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64",
"product": {
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64",
"product_id": "389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-libs@1.3.11.1-7.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64",
"product": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64",
"product_id": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-debuginfo@1.3.11.1-7.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64",
"product": {
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64",
"product_id": "389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-devel@1.3.11.1-7.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64",
"product": {
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64",
"product_id": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-snmp@1.3.11.1-7.el7_9?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "389-ds-base-0:1.3.11.1-7.el7_9.ppc64le",
"product": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.ppc64le",
"product_id": "389-ds-base-0:1.3.11.1-7.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base@1.3.11.1-7.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le",
"product": {
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le",
"product_id": "389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-libs@1.3.11.1-7.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le",
"product": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le",
"product_id": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-debuginfo@1.3.11.1-7.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le",
"product": {
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le",
"product_id": "389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-devel@1.3.11.1-7.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le",
"product": {
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le",
"product_id": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-snmp@1.3.11.1-7.el7_9?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "389-ds-base-0:1.3.11.1-7.el7_9.s390x",
"product": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.s390x",
"product_id": "389-ds-base-0:1.3.11.1-7.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base@1.3.11.1-7.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x",
"product": {
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x",
"product_id": "389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-devel@1.3.11.1-7.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x",
"product": {
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x",
"product_id": "389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-libs@1.3.11.1-7.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x",
"product": {
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x",
"product_id": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-snmp@1.3.11.1-7.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x",
"product": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x",
"product_id": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-debuginfo@1.3.11.1-7.el7_9?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "389-ds-base-0:1.3.11.1-7.el7_9.ppc64",
"product": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.ppc64",
"product_id": "389-ds-base-0:1.3.11.1-7.el7_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base@1.3.11.1-7.el7_9?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64",
"product": {
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64",
"product_id": "389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-devel@1.3.11.1-7.el7_9?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64",
"product": {
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64",
"product_id": "389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-libs@1.3.11.1-7.el7_9?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64",
"product": {
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64",
"product_id": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-snmp@1.3.11.1-7.el7_9?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64",
"product": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64",
"product_id": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/389-ds-base-debuginfo@1.3.11.1-7.el7_9?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64"
},
"product_reference": "389-ds-base-0:1.3.11.1-7.el7_9.ppc64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64le"
},
"product_reference": "389-ds-base-0:1.3.11.1-7.el7_9.ppc64le",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.s390x"
},
"product_reference": "389-ds-base-0:1.3.11.1-7.el7_9.s390x",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.src as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.src"
},
"product_reference": "389-ds-base-0:1.3.11.1-7.el7_9.src",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.x86_64"
},
"product_reference": "389-ds-base-0:1.3.11.1-7.el7_9.x86_64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64"
},
"product_reference": "389-ds-base-0:1.3.11.1-7.el7_9.ppc64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64le"
},
"product_reference": "389-ds-base-0:1.3.11.1-7.el7_9.ppc64le",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.s390x"
},
"product_reference": "389-ds-base-0:1.3.11.1-7.el7_9.s390x",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.src as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.src"
},
"product_reference": "389-ds-base-0:1.3.11.1-7.el7_9.src",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-0:1.3.11.1-7.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.x86_64"
},
"product_reference": "389-ds-base-0:1.3.11.1-7.el7_9.x86_64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64"
},
"product_reference": "389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64"
},
"product_reference": "389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64"
},
"product_reference": "389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64"
},
"product_reference": "389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64",
"relates_to_product_reference": "7Server-optional-ELS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-8445",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-09-05T00:18:40.983000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310110"
}
],
"notes": [
{
"category": "description",
"text": "The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying `userPassword` using malformed input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "389-ds-base: server crash while modifying `userPassword` using malformed input (Incomplete fix for CVE-2024-2199)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.src",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.src",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8445"
},
{
"category": "external",
"summary": "RHBZ#2310110",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310110"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8445",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8445"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8445",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8445"
}
],
"release_date": "2024-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-01T00:54:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.src",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.src",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7434"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.src",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.src",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.src",
"7Server-ELS:389-ds-base-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x",
"7Server-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.src",
"7Server-optional-ELS:389-ds-base-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-debuginfo-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-devel-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-libs-0:1.3.11.1-7.el7_9.x86_64",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.ppc64le",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.s390x",
"7Server-optional-ELS:389-ds-base-snmp-0:1.3.11.1-7.el7_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "389-ds-base: server crash while modifying `userPassword` using malformed input (Incomplete fix for CVE-2024-2199)"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…