CVE-2019-13057

Description

An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g., for multi-tenant deployments), slapd does not properly stop a rootDN from requesting authorization as an identity from another database during a SASL bind or with a proxyAuthz (RFC 4370) control. (It is not a common configuration to deploy a system where the server administrator and a DB administrator enjoy different levels of trust.)
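Two checks for this issue, added here as an example and not taken from the OpenLDAP project or from the advisory text. The first compares an OpenLDAP version string against the fixed upstream release 2.4.48; it looks only at the upstream numeric triple, so distro packages that backport the fix without bumping that number (the Ubuntu 2.4.42/2.4.45/2.4.47 and SUSE 2.4.41 builds listed below) will still show as affected, which is why the second check exists. The second is a live behavioural probe: bind as the rootDN of one database and ask, via the RFC 4370 proxied authorization control that ldapwhoami sends with -e authzid=, to be authorized as an identity that lives in a different database. The server URI, the two DNs and the password in the usage comments are assumed placeholders.

```shell
#!/bin/sh
# Added example for CVE-2019-13057; not code from the OpenLDAP project or from
# this advisory page. Two checks:
#   is_affected_upstream VERSION   compares an OpenLDAP version string with the
#                                  fixed upstream release 2.4.48
#   probe_cross_db_authz ...       live probe: bind as the rootdn of database A
#                                  and request proxy authorization (RFC 4370
#                                  control, ldapwhoami -e authzid=) as an
#                                  identity that belongs to database B
# The URI, DNs and password in the usage comments are assumed placeholders.
set -u

# True (exit 0) when VERSION is an upstream release older than 2.4.48.
# Only the leading numeric triple is compared: "2.4.42+dfsg-2ubuntu3.6" is
# treated as 2.4.42, so a distro backport that fixed the bug still reports
# as affected here. Use the live probe for such packages.
is_affected_upstream() {
    v=${1%%[!0-9.]*}                        # drop "+dfsg-2ubuntu3.6" and the like
    major=${v%%.*}
    rest=${v#*.};     [ "$rest" = "$v" ] && rest=0
    minor=${rest%%.*}
    patch=${rest#*.}; [ "$patch" = "$rest" ] && patch=0
    [ $(( major * 1000000 + minor * 1000 + patch )) -lt $(( 2 * 1000000 + 4 * 1000 + 48 )) ]
}

# Classify one ldapwhoami run. STATUS is its exit status, OUTPUT its combined
# stdout/stderr, TARGET the DN requested through authzid. A server that still
# has the bug answers "dn:<TARGET>" with status 0: the rootdn of one database
# was allowed to act as an identity of another database. DN case is ignored
# because the server may return a normalized form.
classify_probe() {
    status=$1; output=$2; target=$3
    got=$(printf '%s' "$output" | tr 'A-Z' 'a-z')
    want=$(printf 'dn:%s' "$target" | tr 'A-Z' 'a-z')
    if [ "$status" -eq 0 ] && [ "$got" = "$want" ]; then
        echo VULNERABLE
    elif [ "$status" -eq 0 ]; then
        echo UNEXPECTED      # bound, but as some other identity: inspect the output
    else
        echo NOT_VULNERABLE  # server refused the cross-database authzid
    fi
}

# Live probe. Needs ldapwhoami (OpenLDAP client tools) and network access to
# the server. Uses a simple bind plus the proxyAuthz control; for the SASL
# bind variant of the same request use "-Y <mech> -X dn:<TARGET>" instead of
# "-x -D/-w" and "-e authzid=".
# Usage: probe_cross_db_authz ldap://ldap.example.test \
#            "cn=admin,dc=tenant-a,dc=example" 'adminpw' \
#            "uid=alice,ou=people,dc=tenant-b,dc=example"
probe_cross_db_authz() {
    uri=$1; rootdn_a=$2; rootpw_a=$3; target_b=$4
    status=0
    output=$(ldapwhoami -H "$uri" -x -D "$rootdn_a" -w "$rootpw_a" \
                 -e "authzid=dn:$target_b" 2>&1) || status=$?
    classify_probe "$status" "$output" "$target_b"
}

# Stand-alone: sh check.sh <ldap-uri> <rootdn-of-A> <rootpw-of-A> <dn-in-B>
if [ "$#" -eq 4 ]; then
    probe_cross_db_authz "$@"
fi
```

Run the probe only against a server you administer, and only with a rootDN that is meant to be confined to its own database; a VULNERABLE result means that rootDN can impersonate any identity in the other tenant's database, which is exactly the isolation the description says slapd before 2.4.48 fails to enforce. A NOT_VULNERABLE result from an unpatched server usually means the bind itself failed (wrong URI, DN or password), so read the captured error before trusting it.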

Risk Information

Base Score
4.9 (MEDIUM)
Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
EPSS Score (Exploitation Probability)
0.582

Associated Vulnerability

Vulnerability | OS Platform
Multiple vulnerabilities are fixed in MacOS Catalina 10.15.2 | Mac
Multiple vulnerabilities are fixed in MacOS Catalina 10.15.2 Combo Update | Mac
OpenLDAP utilities (USN-4078-1) slapd_2.4.42+dfsg-2ubuntu3.6_i386.deb | Linux
OpenLDAP utilities (USN-4078-1) slapd_2.4.42+dfsg-2ubuntu3.6_amd64.deb | Linux
OpenLDAP utilities (USN-4078-1) slapd_2.4.45+dfsg-1ubuntu1.3_i386.deb | Linux
OpenLDAP utilities (USN-4078-1) slapd_2.4.45+dfsg-1ubuntu1.3_amd64.deb | Linux
OpenLDAP utilities (USN-4078-1) slapd_2.4.47+dfsg-3ubuntu2.1_i386.deb | Linux
OpenLDAP utilities (USN-4078-1) slapd_2.4.47+dfsg-3ubuntu2.1_amd64.deb | Linux
SUSE-SU-2019:2390-1 (SUSE Linux Enterprise Desktop 12-SP4) libldap-2_4-2-2.4.41-18.63.1.x86_64.rpm | Linux
SUSE-SU-2019:2390-1 (SUSE Linux Enterprise Desktop 12-SP4) libldap-2_4-2-32bit-2.4.41-18.63.1.x86_64.rpm | Linux
SUSE-SU-2019:2390-1 (SUSE Linux Enterprise Desktop 12-SP4) libldap-2_4-2-debuginfo-2.4.41-18.63.1.x86_64.rpm | Linux
SUSE-SU-2019:2390-1 (SUSE Linux Enterprise Desktop 12-SP4) libldap-2_4-2-debuginfo-32bit-2.4.41-18.63.1.x86_64.rpm | Linux
SUSE-SU-2019:2390-1 (SUSE Linux Enterprise Desktop 12-SP4) openldap2-client-2.4.41-18.63.1.x86_64.rpm | Linux
SUSE-SU-2019:2390-1 (SUSE Linux Enterprise Desktop 12-SP4) openldap2-client-debuginfo-2.4.41-18.63.1.x86_64.rpm | Linux
SUSE-SU-2019:2390-1 (SUSE Linux Enterprise Desktop 12-SP4) openldap2-debuginfo-2.4.41-18.63.1.x86_64.rpm | Linux
SUSE-SU-2019:2390-1 (SUSE Linux Enterprise Desktop 12-SP4) openldap2-debugsource-2.4.41-18.63.1.x86_64.rpm | Linux
SUSE-SU-2019:2390-1 (SUSE Linux Enterprise Desktop 12-SP4) openldap2-doc-2.4.41-18.63.1.noarch.rpm | Linux

Patch Details

Patch ID | Patch Description
PATCH-602673 | MacOS Catalina 10.15.7 - Auto Reboot
PATCH-602674 | macOS Catalina 10.15.7 Combo Update - Auto Reboot

References

https://nvd.nist.gov/vuln/detail/CVE-2019-13057
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13057