CVE-2017-9267

CWE-7573 documents3 sources
Severity
7.5HIGH
EPSS
0.7%
top 27.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Novell Edirectory
Timeline
PublishedMar 2
Latest updateMay 13

Description

In Novell eDirectory before 9.0.3.1 the LDAP interface was not strictly enforcing cipher restrictions allowing weaker ciphers to be used during SSL BIND operations.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:NExploitability: 3.9 | Impact: 2.5

Affected Packages2 packages

CVEListV5novell/edirectoryunspecified9.0.3.1
NVDnovell/edirectory< 9.0.3.1

🔴Vulnerability Details

2
GHSA
GHSA-jh86-48fp-8v6j: In Novell eDirectory before 92022-05-13
CVEList
eDirectory LDAP peer certificate validation issue2018-03-02
CVE-2017-9267 (HIGH CVSS 7.5) | In Novell eDirectory before 9.0.3.1 | cvebase.io