The Red Hat Directory Server before 8.2.11-13 and 389 Directory Server do not properly restrict access to entity attributes, which allows remote authenticated users to obtain sensitive information via a search query for the attribute.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2013-07-31 06:20
Updated : 2017-11-17 18:29
NVD link : CVE-2013-2219
Mitre link : CVE-2013-2219
JSON object : View
CWE
CWE-264
Permissions, Privileges, and Access Controls
Products Affected
fedoraproject
- 389_directory_server
redhat
- directory_server