CVE-2014-3562 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:N/C:P/I:N/A:N
redhat	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 53%

Vendor	Product	Version
fedoraproject	389_directory_server	1.2.1
fedoraproject	389_directory_server	1.2.2
fedoraproject	389_directory_server	1.2.3
fedoraproject	389_directory_server	1.2.5
fedoraproject	389_directory_server	1.2.5:rc1
fedoraproject	389_directory_server	1.2.5:rc2
fedoraproject	389_directory_server	1.2.5:rc3
fedoraproject	389_directory_server	1.2.5:rc4
fedoraproject	389_directory_server	1.2.6
fedoraproject	389_directory_server	1.2.6:a2
fedoraproject	389_directory_server	1.2.6:a3
fedoraproject	389_directory_server	1.2.6:a4
fedoraproject	389_directory_server	1.2.6:rc1
fedoraproject	389_directory_server	1.2.6:rc2
fedoraproject	389_directory_server	1.2.6:rc3
fedoraproject	389_directory_server	1.2.6:rc6
fedoraproject	389_directory_server	1.2.6:rc7
fedoraproject	389_directory_server	1.2.6.1
fedoraproject	389_directory_server	1.2.7:alpha3
fedoraproject	389_directory_server	1.2.7.5
fedoraproject	389_directory_server	1.2.8:alpha1
fedoraproject	389_directory_server	1.2.8:alpha2
fedoraproject	389_directory_server	1.2.8:alpha3
fedoraproject	389_directory_server	1.2.8:rc1
fedoraproject	389_directory_server	1.2.8:rc2
fedoraproject	389_directory_server	1.2.8.1
fedoraproject	389_directory_server	1.2.8.2
fedoraproject	389_directory_server	1.2.8.3
fedoraproject	389_directory_server	1.2.9.9
fedoraproject	389_directory_server	1.2.10
fedoraproject	389_directory_server	1.2.10:alpha8
fedoraproject	389_directory_server	1.2.10:rc1
fedoraproject	389_directory_server	1.2.10.2
fedoraproject	389_directory_server	1.2.10.3
fedoraproject	389_directory_server	1.2.10.4
fedoraproject	389_directory_server	1.2.10.11
fedoraproject	389_directory_server	1.2.11.1
fedoraproject	389_directory_server	1.2.11.5
fedoraproject	389_directory_server	1.2.11.6
fedoraproject	389_directory_server	1.2.11.8
fedoraproject	389_directory_server	1.2.11.9
fedoraproject	389_directory_server	1.2.11.10
fedoraproject	389_directory_server	1.2.11.11
fedoraproject	389_directory_server	1.2.11.12
fedoraproject	389_directory_server	1.2.11.13
fedoraproject	389_directory_server	1.2.11.14
fedoraproject	389_directory_server	1.2.11.15
fedoraproject	389_directory_server	1.2.11.17
fedoraproject	389_directory_server	1.2.11.19
fedoraproject	389_directory_server	1.2.11.20
fedoraproject	389_directory_server	1.2.11.21
fedoraproject	389_directory_server	1.2.11.22
fedoraproject	389_directory_server	1.2.11.23
fedoraproject	389_directory_server	1.2.11.25
fedoraproject	389_directory_server	1.2.11.26
fedoraproject	389_directory_server	1.3.0.2
fedoraproject	389_directory_server	1.3.0.3
fedoraproject	389_directory_server	1.3.0.4
fedoraproject	389_directory_server	1.3.0.5
fedoraproject	389_directory_server	1.3.0.6
fedoraproject	389_directory_server	1.3.0.7
fedoraproject	389_directory_server	1.3.0.8
redhat	directory_server	8.0
redhat	enterprise_linux	6.0
redhat	enterprise_linux	7.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

389-ds-base

bullseye	1.4.4.11-2 fixed
bookworm	2.3.1+dfsg1-1 fixed
sid	3.1.1+dfsg1-2 fixed
trixie	3.1.1+dfsg1-2 fixed

Ubuntu Releases

Ubuntu Product

Codename

389-ds-base

disco	not-affected
cosmic	not-affected
bionic	not-affected
artful	not-affected
zesty	not-affected
yakkety	not-affected
xenial	not-affected
wily	ignored
vivid	ignored
utopic	ignored
trusty	dne
precise	ignored
lucid	dne

Common Weakness Enumeration

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References

http://rhn.redhat.com/errata/RHSA-2014-1031.html

http://rhn.redhat.com/errata/RHSA-2014-1032.html

https://bugzilla.redhat.com/show_bug.cgi?id=1123477

http://rhn.redhat.com/errata/RHSA-2014-1031.html

http://rhn.redhat.com/errata/RHSA-2014-1032.html

https://bugzilla.redhat.com/show_bug.cgi?id=1123477