CVE-2017-7551

389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks during account lockout due to different…

redhat·CWE-209·Published 2017-08-16

CVSS

—

EPSS

0.01

KEV

Exploits

cve.orgen

178 chars

389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks during account lockout due to different return codes returned on password attempts.

NVDen

178 chars

389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks during account lockout due to different return codes returned on password attempts.

NVDes

235 chars

389-ds-base en su versión anterior a 1.3.5.19 y 1.3.6.7 es vulnerable a ataques de fuerza bruta de contraseñas durante un bloqueo de cuenta debido a los diferentes códigos de retorno que se devuelven durante los intentos de contraseña.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
3.0	Primary	NVD	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H