CVE-2002-2119Improper Handling of Case Sensitivity in Edirectory

CWE-178Improper Handling of Case Sensitivity3 documents3 sources
Severity
9.8CRITICALNVD
EPSS
1.1%
top 21.99%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Novell Edirectory
Timeline
PublishedDec 31
Latest updateApr 30

Description

Novell eDirectory 8.6.2 and 8.7 use case insensitive passwords, which makes it easier for remote attackers to conduct brute force password guessing.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

NVDnovell/edirectory8.6.2, 8.7+1

🔴Vulnerability Details

2
GHSA
GHSA-mp9h-8rrx-27f5: Novell eDirectory 82022-04-30
CVEList
CVE-2002-2119: Novell eDirectory 82005-08-05
CVE-2002-2119 — Improper Handling of Case Sensitivity | cvebase