CVE-2016-4992

CWE-200Information ExposureCWE-2099 documents7 sources
Severity
7.5HIGH
EPSS
0.4%
top 36.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Redhat Enterprise Linux DesktopRedhat Enterprise Linux HPC NodeRedhat Enterprise Linux Server+1 more
Timeline
PublishedJun 8
Latest updateMay 17

Description

389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to infer the existence of RDN component objects.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages5 packages

Debian389-ds-base< 1.3.5.13-1+2

🔴Vulnerability Details

3
GHSA
GHSA-wm9r-q6g4-j33r: 389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 62022-05-17
CVEList
CVE-2016-4992: 389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 62017-06-08
OSV
CVE-2016-4992: 389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 62017-06-08

📋Vendor Advisories

2
Red Hat
389-ds-base: Information disclosure via repeated use of LDAP ADD operation2016-06-17
Debian
CVE-2016-4992: 389-ds-base - 389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat En...2016

💬Community

3
Bugzilla
CVE-2016-4992 389-ds-base: Information disclosure via repeated use of LDAP ADD operation2016-06-17
Bugzilla
CVE-2016-4992 389-ds-base: 389-ds-base [fedora-all]2016-06-17
Bugzilla
CVE-2016-4992 389-ds-base: 389-ds-base [epel-5]2016-06-17