CVE-2017-7551

Published: Aug 16, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks during account lockout due to different return codes returned on password attempts.

Vendor	Product	Versions
389 Directory Server	389-ds-base	affected `before 1.3.5.19 and 1.3.6.7`

Weaknesses (CWE)

CWE-209

References

RHSA-2017:2569

vendor-advisory

x_refsource_REDHAT

https://pagure.io/389-ds-base/issue/49336

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-7551

Description

Affected Products

Weaknesses (CWE)

References