Authentication Bypass Vulnerability in 389-ds-base

Authentication Bypass Vulnerability in 389-ds-base

CVE-2017-15135 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

It was found that 389-ds-base since 1.3.6.1 up to and including 1.4.0.3 did not always handle internal hash comparison operations correctly during the authentication process. A remote, unauthenticated attacker could potentially use this flaw to bypass the authentication process under very rare and specific circumstances.

Learn more about our Internal Network Penetration Testing.