CVE-2020-25709

CWE-617 — Reachable Assertion9 documents8 sources

Severity

7.5HIGH

EPSS

35.7%

top 2.93%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X Apple Macos Openldap Openldap +1 more

Timeline

PublishedMay 18

Latest updateMay 24

Description

A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages5 packages

▶NVDopenldap/openldap< 2.4.56

▶Debianopenldap< 2.4.56+dfsg-1+3

▶CVEListV5openldapopenldap 2.4.56

▶NVDapple/macos11.0 — 11.0.1

▶NVDapple/mac_os_x10.14.0 — 10.14.6+3

Also affects: Debian Linux 10.0, 9.0

Patches

Patch: bugzilla.redhat.com ↗Patch: bugzilla.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-cpm7-pgmm-3mfr: A flaw was found in OpenLDAP↗2022-05-24

▶

OSV

CVE-2020-25709: A flaw was found in OpenLDAP↗2021-05-18

▶

CVEList

CVE-2020-25709: A flaw was found in OpenLDAP↗2021-05-18

▶

📋Vendor Advisories

Apple

CVE-2020-25709: macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave↗2021-02-01

▶

Ubuntu

OpenLDAP vulnerabilities↗2020-11-23

▶

Ubuntu

OpenLDAP vulnerabilities↗2020-11-17

▶

Red Hat

openldap: assertion failure in Certificate List syntax validation↗2020-11-02

▶

Debian

CVE-2020-25709: openldap - A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malici...↗2020

▶