The fix for CVE-2024-2199 in 389-ds-base was insufficient...
Moderate severity
Unreviewed
Published
Sep 5, 2024
to the GitHub Advisory Database
•
Updated Oct 1, 2024
Description
Published by the National Vulnerability Database
Sep 5, 2024
Published to the GitHub Advisory Database
Sep 5, 2024
Last updated
Oct 1, 2024
The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying
userPassword
using malformed input.References