CVE-2020-25710

High

A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to…

redhat·CWE-617·Published 2021-05-28

CVSS

7.5

EPSS

0.03

KEV

Exploits

cve.orgen

254 chars

A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.

NVDen

254 chars

NVDes

298 chars

Se encontró un fallo en OpenLDAP en versiones anteriores a 2.4.56. Este fallo permite a un atacante que envía un paquete malicioso procesado por OpenLDAP forzar una afirmación fallida en la función csnNormalize23(). La mayor amenaza de esta vulnerabilidad es la disponibilidad del sistema

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P
3.1	Primary	NVD	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H