6.5
CVE-2022-0996
- EPSS 0.13%
- Veröffentlicht 23.03.2022 20:15:10
- Zuletzt bearbeitet 03.11.2025 21:15:50
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
LoginA vulnerability was found in the 389 Directory Server that allows expired passwords to access the database to cause improper authentication.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Redhat ≫ 389 Directory Server Version1.4.0.0
Fedoraproject ≫ Fedora Version34
Fedoraproject ≫ Fedora Version35
Redhat ≫ Enterprise Linux Version8.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.329 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:P/I:N/A:N
|
CWE-287 Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.