The Red Hat Directory Server prior to 8.2.11-13 and 389 Directory Server do not properly restrict access to entity attributes, which allows remote authenticated users to obtain sensitive information via a search query for the attribute.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat directory server |
||
redhat directory server 8.1 |
||
redhat directory server 8.0 |
||
redhat directory server 7.1 |
||
fedoraproject 389 directory server - |