CVE-2023-1055

EUVD-2023-23346
A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An attacker with a local account where the cockpit-389-ds is running can list the processes and display the hashed passwords. The highest threat from this vulnerability is to data confidentiality.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 16%
Affected Products (NVD)
VendorProductVersion
redhatdirectory_server
11.5
redhatdirectory_server
11.6
redhatdirectory_server
12.0
redhatdirectory_server
12.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
389-ds-base
bookworm
no-dsa
bullseye
no-dsa
buster
no-dsa
sid
3.1.1+dfsg1-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
389-ds-base
bionic
needs-triage
focal
needs-triage
jammy
needs-triage
kinetic
ignored
lunar
ignored
mantic
ignored
noble
needs-triage
oracular
needs-triage
trusty
ignored
xenial
needs-triage
Common Weakness Enumeration
References
https://bugzilla.redhat.com/show_bug.cgi?id=2173517#c0
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZOYQ5TCV6ZEPMDV4CSLK3KINAAO4SRI/
https://bugzilla.redhat.com/show_bug.cgi?id=2173517#c0
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZOYQ5TCV6ZEPMDV4CSLK3KINAAO4SRI/