CVE-2014-8112 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	4 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:S/C:P/I:N/A:N
redhat	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 49%

Vendor	Product	Version
fedoraproject	389_directory_server	1.3.1.0
fedoraproject	389_directory_server	1.3.1.1
fedoraproject	389_directory_server	1.3.1.2
fedoraproject	389_directory_server	1.3.1.3
fedoraproject	389_directory_server	1.3.1.4
fedoraproject	389_directory_server	1.3.1.5
fedoraproject	389_directory_server	1.3.1.6
fedoraproject	389_directory_server	1.3.1.7
fedoraproject	389_directory_server	1.3.1.8
fedoraproject	389_directory_server	1.3.1.9
fedoraproject	389_directory_server	1.3.1.10
fedoraproject	389_directory_server	1.3.1.11
fedoraproject	389_directory_server	1.3.1.12
fedoraproject	389_directory_server	1.3.1.13
fedoraproject	389_directory_server	1.3.1.14
fedoraproject	389_directory_server	1.3.1.15
fedoraproject	389_directory_server	1.3.1.16
fedoraproject	389_directory_server	1.3.1.17
fedoraproject	389_directory_server	1.3.1.18
fedoraproject	389_directory_server	1.3.1.19
fedoraproject	389_directory_server	1.3.1.22
fedoraproject	389_directory_server	1.3.2.2
fedoraproject	389_directory_server	1.3.2.3
fedoraproject	389_directory_server	1.3.2.4
fedoraproject	389_directory_server	1.3.2.5
fedoraproject	389_directory_server	1.3.2.6
fedoraproject	389_directory_server	1.3.2.7
fedoraproject	389_directory_server	1.3.2.8
fedoraproject	389_directory_server	1.3.2.9
fedoraproject	389_directory_server	1.3.2.10
fedoraproject	389_directory_server	1.3.2.11
fedoraproject	389_directory_server	1.3.2.13
fedoraproject	389_directory_server	1.3.2.16
fedoraproject	389_directory_server	1.3.2.19
fedoraproject	389_directory_server	1.3.2.22
fedoraproject	389_directory_server	1.3.2.23
fedoraproject	389_directory_server	1.3.2.24
fedoraproject	389_directory_server	1.3.2.26
fedoraproject	389_directory_server	1.3.3.0
fedoraproject	389_directory_server	1.3.3.2
fedoraproject	389_directory_server	1.3.3.3
fedoraproject	389_directory_server	1.3.3.5
fedoraproject	389_directory_server	1.3.3.8

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

389-ds-base

bullseye	1.4.4.11-2 fixed
bookworm	2.3.1+dfsg1-1 fixed
sid	3.1.1+dfsg1-2 fixed
trixie	3.1.1+dfsg1-2 fixed

Ubuntu Releases

Ubuntu Product

Codename

389-ds-base

disco	not-affected
cosmic	not-affected
bionic	not-affected
artful	not-affected
zesty	not-affected
yakkety	not-affected
xenial	not-affected
wily	ignored
vivid	ignored
utopic	ignored
trusty	dne
precise	not-affected
lucid	dne

Common Weakness Enumeration

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References

http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-2-27.html

http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-3-9.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153991.html

http://rhn.redhat.com/errata/RHSA-2015-0416.html

https://bugzilla.redhat.com/show_bug.cgi?id=1172729

http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-2-27.html

http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-3-9.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153991.html

http://rhn.redhat.com/errata/RHSA-2015-0416.html

https://bugzilla.redhat.com/show_bug.cgi?id=1172729