CVE-2020-25710

A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 95%
Affected Products (NVD)
VendorProductVersion
openldapopenldap
𝑥
< 2.4.56
redhatjboss_core_services
-
redhatjboss_enterprise_application_platform
5.0.0
redhatjboss_enterprise_web_server
2.0.0
redhatenterprise_linux
5.0
redhatenterprise_linux
6.0
redhatenterprise_linux
7.0
debiandebian_linux
9.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
openldap
bookworm
2.5.13+dfsg-5
fixed
bullseye
2.4.57+dfsg-3+deb11u1
fixed
bullseye (security)
2.4.57+dfsg-3+deb11u1
fixed
sid
2.5.18+dfsg-3
fixed
trixie
2.5.18+dfsg-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
openldap
bionic
Fixed 2.4.45+dfsg-1ubuntu1.8
released
focal
Fixed 2.4.49+dfsg-2ubuntu1.5
released
groovy
Fixed 2.4.53+dfsg-1ubuntu1.2
released
trusty
Fixed 2.4.31-1+nmu2ubuntu8.5+esm4
released
xenial
Fixed 2.4.42+dfsg-2ubuntu3.11
released
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
libldap-2_4-2
suse enterprise desktop 15 SP2
2.4.46-9.45.1
fixed
suse enterprise desktop 15 SP3
2.4.46-9.45.1
fixed
suse enterprise desktop 15 SP4
2.4.46-150200.14.5.1
fixed
suse enterprise desktop 15 SP5
2.4.46-150200.14.11.2
fixed
suse enterprise desktop 15 SP6
2.4.46-150600.23.21
fixed
suse enterprise desktop 15 SP7
2.4.46-150600.23.21
fixed
suse enterprise sap 15 SP2
2.4.46-9.45.1
fixed
suse enterprise sap 15 SP3
2.4.46-9.45.1
fixed
suse enterprise sap 15 SP4
2.4.46-150200.14.5.1
fixed
suse enterprise sap 15 SP5
2.4.46-150200.14.11.2
fixed
suse enterprise sap 15 SP6
2.4.46-150600.23.21
fixed
suse enterprise sap 15 SP7
2.4.46-150600.23.21
fixed
suse enterprise server 12 SP3
2.4.41-18.80.1
fixed
suse enterprise server 15 SP2
2.4.46-9.45.1
fixed
suse enterprise server 15 SP3
2.4.46-9.45.1
fixed
suse enterprise server 15 SP4
2.4.46-150200.14.5.1
fixed
suse enterprise server 15 SP5
2.4.46-150200.14.11.2
fixed
suse enterprise server 15 SP6
2.4.46-150600.23.21
fixed
suse enterprise server 15 SP7
2.4.46-150600.23.21
fixed
libldap-2_4-2-32bit
suse enterprise desktop 15 SP2
2.4.46-9.45.1
fixed
suse enterprise desktop 15 SP3
2.4.46-9.45.1
fixed
suse enterprise desktop 15 SP4
2.4.46-150200.14.5.1
fixed
suse enterprise desktop 15 SP5
2.4.46-150200.14.11.2
fixed
suse enterprise desktop 15 SP6
2.4.46-150600.23.21
fixed
suse enterprise desktop 15 SP7
2.4.46-150600.23.21
fixed
suse enterprise sap 15 SP2
2.4.46-9.45.1
fixed
suse enterprise sap 15 SP3
2.4.46-9.45.1
fixed
suse enterprise sap 15 SP4
2.4.46-150200.14.5.1
fixed
suse enterprise sap 15 SP5
2.4.46-150200.14.11.2
fixed
suse enterprise sap 15 SP6
2.4.46-150600.23.21
fixed
suse enterprise sap 15 SP7
2.4.46-150600.23.21
fixed
suse enterprise server 12 SP3
2.4.41-18.80.1
fixed
suse enterprise server 15 SP2
2.4.46-9.45.1
fixed
suse enterprise server 15 SP3
2.4.46-9.45.1
fixed
suse enterprise server 15 SP4
2.4.46-150200.14.5.1
fixed
suse enterprise server 15 SP5
2.4.46-150200.14.11.2
fixed
suse enterprise server 15 SP6
2.4.46-150600.23.21
fixed
suse enterprise server 15 SP7
2.4.46-150600.23.21
fixed
libldap-data
suse enterprise desktop 15 SP2
2.4.46-9.45.1
fixed
suse enterprise desktop 15 SP3
2.4.46-9.45.1
fixed
suse enterprise desktop 15 SP4
2.4.46-150200.14.5.1
fixed
suse enterprise desktop 15 SP5
2.4.46-150200.14.11.2
fixed
suse enterprise desktop 15 SP6
2.4.46-150600.23.21
fixed
suse enterprise desktop 15 SP7
2.4.46-150600.23.21
fixed
suse enterprise sap 15 SP2
2.4.46-9.45.1
fixed
suse enterprise sap 15 SP3
2.4.46-9.45.1
fixed
suse enterprise sap 15 SP4
2.4.46-150200.14.5.1
fixed
suse enterprise sap 15 SP5
2.4.46-150200.14.11.2
fixed
suse enterprise sap 15 SP6
2.4.46-150600.23.21
fixed
suse enterprise sap 15 SP7
2.4.46-150600.23.21
fixed
suse enterprise server 15 SP2
2.4.46-9.45.1
fixed
suse enterprise server 15 SP3
2.4.46-9.45.1
fixed
suse enterprise server 15 SP4
2.4.46-150200.14.5.1
fixed
suse enterprise server 15 SP5
2.4.46-150200.14.11.2
fixed
suse enterprise server 15 SP6
2.4.46-150600.23.21
fixed
suse enterprise server 15 SP7
2.4.46-150600.23.21
fixed
openldap2
suse enterprise sap 15 SP2
2.4.46-9.45.1
fixed
suse enterprise sap 15 SP3
2.4.46-9.45.1
fixed
suse enterprise server 12 SP3
2.4.41-18.80.1
fixed
suse enterprise server 15 SP2
2.4.46-9.45.1
fixed
suse enterprise server 15 SP3
2.4.46-9.45.1
fixed
openldap2-back-meta
suse enterprise sap 15 SP2
2.4.46-9.45.1
fixed
suse enterprise sap 15 SP3
2.4.46-9.45.1
fixed
suse enterprise server 12 SP3
2.4.41-18.80.1
fixed
suse enterprise server 15 SP2
2.4.46-9.45.1
fixed
suse enterprise server 15 SP3
2.4.46-9.45.1
fixed
openldap2-back-perl
suse enterprise sap 15 SP2
2.4.46-9.45.1
fixed
suse enterprise sap 15 SP3
2.4.46-9.45.1
fixed
suse enterprise server 15 SP2
2.4.46-9.45.1
fixed
suse enterprise server 15 SP3
2.4.46-9.45.1
fixed
openldap2-client
suse enterprise desktop 15 SP2
2.4.46-9.45.1
fixed
suse enterprise desktop 15 SP3
2.4.46-9.45.1
fixed
suse enterprise desktop 15 SP4
2.4.46-150200.14.5.1
fixed
suse enterprise desktop 15 SP5
2.4.46-150200.14.11.2
fixed
suse enterprise desktop 15 SP6
2.4.46-150600.23.21
fixed
suse enterprise desktop 15 SP7
2.4.46-150600.23.21
fixed
suse enterprise sap 15 SP2
2.4.46-9.45.1
fixed
suse enterprise sap 15 SP3
2.4.46-9.45.1
fixed
suse enterprise sap 15 SP4
2.4.46-150200.14.5.1
fixed
suse enterprise sap 15 SP5
2.4.46-150200.14.11.2
fixed
suse enterprise sap 15 SP6
2.4.46-150600.23.21
fixed
suse enterprise sap 15 SP7
2.4.46-150600.23.21
fixed
suse enterprise server 12 SP3
2.4.41-18.80.1
fixed
suse enterprise server 15 SP2
2.4.46-9.45.1
fixed
suse enterprise server 15 SP3
2.4.46-9.45.1
fixed
suse enterprise server 15 SP4
2.4.46-150200.14.5.1
fixed
suse enterprise server 15 SP5
2.4.46-150200.14.11.2
fixed
suse enterprise server 15 SP6
2.4.46-150600.23.21
fixed
suse enterprise server 15 SP7
2.4.46-150600.23.21
fixed
openldap2-devel
suse enterprise desktop 15 SP2
2.4.46-9.45.1
fixed
suse enterprise desktop 15 SP3
2.4.46-9.45.1
fixed
suse enterprise desktop 15 SP4
2.4.46-150200.14.5.1
fixed
suse enterprise desktop 15 SP5
2.4.46-150200.14.11.2
fixed
suse enterprise desktop 15 SP6
2.4.46-150600.23.21
fixed
suse enterprise desktop 15 SP7
2.4.46-150600.23.21
fixed
suse enterprise sap 15 SP2
2.4.46-9.45.1
fixed
suse enterprise sap 15 SP3
2.4.46-9.45.1
fixed
suse enterprise sap 15 SP4
2.4.46-150200.14.5.1
fixed
suse enterprise sap 15 SP5
2.4.46-150200.14.11.2
fixed
suse enterprise sap 15 SP6
2.4.46-150600.23.21
fixed
suse enterprise sap 15 SP7
2.4.46-150600.23.21
fixed
suse enterprise server 15 SP2
2.4.46-9.45.1
fixed
suse enterprise server 15 SP3
2.4.46-9.45.1
fixed
suse enterprise server 15 SP4
2.4.46-150200.14.5.1
fixed
suse enterprise server 15 SP5
2.4.46-150200.14.11.2
fixed
suse enterprise server 15 SP6
2.4.46-150600.23.21
fixed
suse enterprise server 15 SP7
2.4.46-150600.23.21
fixed
openldap2-devel-static
suse enterprise desktop 15 SP2
2.4.46-9.45.1
fixed
suse enterprise desktop 15 SP3
2.4.46-9.45.1
fixed
suse enterprise desktop 15 SP4
2.4.46-150200.14.5.1
fixed
suse enterprise desktop 15 SP5
2.4.46-150200.14.11.2
fixed
suse enterprise desktop 15 SP6
2.4.46-150600.23.21
fixed
suse enterprise desktop 15 SP7
2.4.46-150600.23.21
fixed
suse enterprise sap 15 SP2
2.4.46-9.45.1
fixed
suse enterprise sap 15 SP3
2.4.46-9.45.1
fixed
suse enterprise sap 15 SP4
2.4.46-150200.14.5.1
fixed
suse enterprise sap 15 SP5
2.4.46-150200.14.11.2
fixed
suse enterprise sap 15 SP6
2.4.46-150600.23.21
fixed
suse enterprise sap 15 SP7
2.4.46-150600.23.21
fixed
suse enterprise server 15 SP2
2.4.46-9.45.1
fixed
suse enterprise server 15 SP3
2.4.46-9.45.1
fixed
suse enterprise server 15 SP4
2.4.46-150200.14.5.1
fixed
suse enterprise server 15 SP5
2.4.46-150200.14.11.2
fixed
suse enterprise server 15 SP6
2.4.46-150600.23.21
fixed
suse enterprise server 15 SP7
2.4.46-150600.23.21
fixed
openldap2-doc
suse enterprise server 12 SP3
2.4.41-18.80.1
fixed
openldap2-ppolicy-check-password
suse enterprise sap 15 SP2
1.2-9.45.1
fixed
suse enterprise sap 15 SP3
1.2-9.45.1
fixed
suse enterprise server 12 SP3
1.2-18.80.1
fixed
suse enterprise server 15 SP2
1.2-9.45.1
fixed
suse enterprise server 15 SP3
1.2-9.45.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
openldap
RHEL 7
0:2.4.44-25.el7_9
fixed
openldap-clients
RHEL 7
0:2.4.44-25.el7_9
fixed
openldap-devel
RHEL 7
0:2.4.44-25.el7_9
fixed
openldap-servers
RHEL 7
0:2.4.44-25.el7_9
fixed
openldap-servers-sql
RHEL 7
0:2.4.44-25.el7_9
fixed
Common Weakness Enumeration
References
https://bugzilla.redhat.com/show_bug.cgi?id=1899678
https://git.openldap.org/openldap/openldap/-/commit/ab3915154e69920d480205b4bf5ccb2b391a0a1f#a2feb6ed0257c21c6672793ee2f94eaadc10c72c
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
https://lists.debian.org/debian-lts-announce/2020/12/msg00008.html
https://security.netapp.com/advisory/ntap-20210716-0003/
https://www.debian.org/security/2020/dsa-4792
https://bugzilla.redhat.com/show_bug.cgi?id=1899678
https://git.openldap.org/openldap/openldap/-/commit/ab3915154e69920d480205b4bf5ccb2b391a0a1f#a2feb6ed0257c21c6672793ee2f94eaadc10c72c
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
https://lists.debian.org/debian-lts-announce/2020/12/msg00008.html
https://security.netapp.com/advisory/ntap-20210716-0003/
https://www.debian.org/security/2020/dsa-4792