CVE-2010-4786

CWE-3993 documents3 sources

Severity

4.0MEDIUM

EPSS

0.4%

top 41.82%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Tivoli Directory Server

Timeline

PublishedApr 21

Latest updateMay 17

Description

IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.63 (aka 6.0.0.8-TIV-ITDS-IF0005) allows remote authenticated users to cause a denial of service (daemon crash or hang) via a paged search, as demonstrated by a certain idsldapsearch command, related to an improper ibm-slapdIdleTimeOut configuration setting.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

▶NVDibm/tivoli_directory_server21 versions+20

Patches

Patch: www.ibm.com ↗Patch: www.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-8j2c-qwhx-7qj4: IBM Tivoli Directory Server (TDS) 6↗2022-05-17

▶

CVEList

CVE-2010-4786: IBM Tivoli Directory Server (TDS) 6↗2011-04-21

▶