Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Openldap Subscribe
Filtered by product Openldap-servers
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-4984 2 Openldap, Redhat 2 Openldap-servers, Enterprise Linux 2019-04-22 1.9 LOW 4.7 MEDIUM
/usr/libexec/openldap/generate-server-cert.sh in openldap-servers sets weak permissions for the TLS certificate, which allows local users to obtain the TLS certificate by leveraging a race condition between the creation of the certificate, and the chmod to protect it.