CVE-2013-2219
published 2013-07-31CVE-2013-2219: The Red Hat Directory Server before 8.2.11-13 and 389 Directory Server do not properly restrict access to entity attributes, which allows remote authenticated…
medium4CVSS 3.1
AVNACLAuSCPINAN
The Red Hat Directory Server before 8.2.11-13 and 389 Directory Server do not properly restrict access to entity attributes, which allows remote authenticated users to obtain sensitive information via a search query for the attribute.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | 389-ds-base | < 389-ds-base 1.3.2.9-1 (bookworm) | 389-ds-base 1.3.2.9-1 (bookworm) |
| port389 | 389-ds-base | >= 0 < 1.3.2.9-1 | 1.3.2.9-1 |
| port389 | 389-ds-base | >= 0 < 1.3.2.9-1 | 1.3.2.9-1 |
| port389 | 389-ds-base | >= 0 < 1.3.2.9-1 | 1.3.2.9-1 |
| redhat | directory_server | <= 8.2 | — |
| redhat | directory_server | — | — |
| redhat | directory_server | — | — |
| redhat | directory_server | — | — |
CVSS provenance
nvd4.0MEDIUMAV:N/AC:L/Au:S/C:P/I:N/A:N
osv4.0MEDIUM