The Red Hat Directory Server before 8.2.11-13 and 389 Directory Server do not properly restrict access to entity attributes, which allows remote authenticated users to obtain sensitive information via a search query for the attribute.
Name | Vendor | Start Version | End Version |
---|---|---|---|
389_directory_server | Fedoraproject | - (including) | - (including) |
Directory_server | Redhat | * | 8.2 (including) |
Directory_server | Redhat | 7.1 (including) | 7.1 (including) |
Directory_server | Redhat | 8.0 (including) | 8.0 (including) |
Directory_server | Redhat | 8.1 (including) | 8.1 (including) |