Home

CVE-2020-25710

Description

A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
17.46

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 5.0.0Windows
Lightweight Directory Access Protocol (USN-4634-1) slapd_2.4.45+dfsg-1ubuntu1.8_i386.debLinux
Lightweight Directory Access Protocol (USN-4634-1) slapd_2.4.45+dfsg-1ubuntu1.8_amd64.debLinux
Lightweight Directory Access Protocol (USN-4634-1) slapd_2.4.49+dfsg-2ubuntu1.5_i386.debLinux
Lightweight Directory Access Protocol (USN-4634-1) slapd_2.4.49+dfsg-2ubuntu1.5_amd64.debLinux
Lightweight Directory Access Protocol (USN-4634-1) slapd_2.4.53+dfsg-1ubuntu1.2_i386.debLinux
Lightweight Directory Access Protocol (USN-4634-1) slapd_2.4.53+dfsg-1ubuntu1.2_amd64.debLinux
Lightweight Directory Access Protocol (USN-4634-1) slapd_2.4.42+dfsg-2ubuntu3.11_i386.debLinux
Lightweight Directory Access Protocol (USN-4634-1) slapd_2.4.42+dfsg-2ubuntu3.11_amd64.debLinux
SUSE-SU-2021:0128-1(SUSE Linux Enterprise Server 12-SP5 ) libldap-2_4-2-2.4.41-18.80.1.x86_64.rpmLinux
SUSE-SU-2021:0128-1(SUSE Linux Enterprise Server 12-SP5 ) libldap-2_4-2-32bit-2.4.41-18.80.1.x86_64.rpmLinux
SUSE-SU-2021:0128-1(SUSE Linux Enterprise Server 12-SP5 ) libldap-2_4-2-debuginfo-2.4.41-18.80.1.x86_64.rpmLinux
SUSE-SU-2021:0128-1(SUSE Linux Enterprise Server 12-SP5 ) libldap-2_4-2-debuginfo-32bit-2.4.41-18.80.1.x86_64.rpmLinux
SUSE-SU-2021:0128-1(SUSE Linux Enterprise Server 12-SP5 ) openldap2-2.4.41-18.80.1.x86_64.rpmLinux
SUSE-SU-2021:0128-1(SUSE Linux Enterprise Server 12-SP5 ) openldap2-back-meta-2.4.41-18.80.1.x86_64.rpmLinux
SUSE-SU-2021:0128-1(SUSE Linux Enterprise Server 12-SP5 ) openldap2-back-meta-debuginfo-2.4.41-18.80.1.x86_64.rpmLinux
SUSE-SU-2021:0128-1(SUSE Linux Enterprise Server 12-SP5 ) openldap2-client-2.4.41-18.80.1.x86_64.rpmLinux
SUSE-SU-2021:0128-1(SUSE Linux Enterprise Server 12-SP5 ) openldap2-client-debuginfo-2.4.41-18.80.1.x86_64.rpmLinux
SUSE-SU-2021:0128-1(SUSE Linux Enterprise Server 12-SP5 ) openldap2-debuginfo-2.4.41-18.80.1.x86_64.rpmLinux
SUSE-SU-2021:0128-1(SUSE Linux Enterprise Server 12-SP5 ) openldap2-debugsource-2.4.41-18.80.1.x86_64.rpmLinux
SUSE-SU-2021:0128-1(SUSE Linux Enterprise Server 12-SP5 ) openldap2-doc-2.4.41-18.80.1.noarch.rpmLinux
SUSE-SU-2021:0128-1(SUSE Linux Enterprise Server 12-SP5 ) openldap2-ppolicy-check-password-1.2-18.80.1.x86_64.rpmLinux
SUSE-SU-2021:0128-1(SUSE Linux Enterprise Server 12-SP5 ) openldap2-ppolicy-check-password-debuginfo-1.2-18.80.1.x86_64.rpmLinux
(RHSA-2022:0621) openldap security update openldap-2.4.44-25.el7_9.i686.rpmLinux
(RHSA-2022:0621) openldap security update openldap-2.4.44-25.el7_9.x86_64.rpmLinux
(RHSA-2022:0621) openldap security update openldap-clients-2.4.44-25.el7_9.x86_64.rpmLinux
(RHSA-2022:0621) openldap security update openldap-devel-2.4.44-25.el7_9.i686.rpmLinux
(RHSA-2022:0621) openldap security update openldap-devel-2.4.44-25.el7_9.x86_64.rpmLinux
(RHSA-2022:0621) openldap security update openldap-servers-2.4.44-25.el7_9.x86_64.rpmLinux
(RHSA-2022:0621) openldap security update openldap-servers-sql-2.4.44-25.el7_9.x86_64.rpmLinux
Openldap update (ELSA-2022-0621) openldap-2.4.44-25.el7_9.i686.rpmLinux
Openldap update (ELSA-2022-0621) openldap-2.4.44-25.el7_9.x86_64.rpmLinux
Openldap-clients update (ELSA-2022-0621) openldap-clients-2.4.44-25.el7_9.x86_64.rpmLinux
Openldap-devel update (ELSA-2022-0621) openldap-devel-2.4.44-25.el7_9.i686.rpmLinux
Openldap-devel update (ELSA-2022-0621) openldap-devel-2.4.44-25.el7_9.x86_64.rpmLinux
Openldap-servers update (ELSA-2022-0621) openldap-servers-2.4.44-25.el7_9.x86_64.rpmLinux
Openldap-servers-sql update (ELSA-2022-0621) openldap-servers-sql-2.4.44-25.el7_9.x86_64.rpmLinux
(RHSA-2022:0621)Moderate: security update openldap-debuginfo-2.4.44-25.el7_9.i686.rpmLinux
(RHSA-2022:0621)Moderate: security update openldap-debuginfo-2.4.44-25.el7_9.x86_64.rpmLinux
Lightweight Directory Access Protocol (USN-4634-2) slapd_2.4.28-1.1ubuntu4.12_i386.debLinux
Lightweight Directory Access Protocol (USN-4634-2) slapd_2.4.28-1.1ubuntu4.12_amd64.debLinux
CVE-2020-25710NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234