CVE-2016-9167
Severity
7.5HIGH
EPSS
0.5%
top 34.08%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 23
Latest updateMay 17
Description
NDSD in Novell eDirectory before 9.0.2 did not calculate ACLs on LDAP objects across partition boundaries correctly, which could lead to a privilege escalation by modifying user attributes that would otherwise be filtered by an ACL.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 3.9 | Impact: 3.6