Inadequate Access Restriction in Red Hat Directory Server and 389 Directory Server Allows Information Disclosure
CVE-2013-2219 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:N/A:N
The Red Hat Directory Server before 8.2.11-13 and 389 Directory Server do not properly restrict access to entity attributes, which allows remote authenticated users to obtain sensitive information via a search query for the attribute.
Learn more about our Cis Benchmark Audit For Server Software.