4.9
CVE-2025-2487
- EPSS 0.08%
- Veröffentlicht 18.03.2025 16:25:43
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
389-ds-base: null pointer dereference leads to denial of service
A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs a ldap MODDN operation after a failed operation, it could lead to a Denial of Service (DoS) or system crash.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
Collection URLhttps://github.com/389ds/389-ds-base/
≫
Paket
389-ds-base
Default Statusunaffected
Version <=
2.4.6
Version
2.4.0
Status
affected
Version <=
2.5.3
Version
2.5.0
Status
affected
Version <=
2.6.1
Version
2.6.0
Status
affected
Version <=
3.0.6
Version
3.0.0
Status
affected
HerstellerRed Hat
≫
Produkt
Red Hat Directory Server 12.4 EUS for RHEL 9
Default Statusaffected
Version
9040020250325181857.1674d574
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 9
Default Statusaffected
Version
0:2.5.2-9.el9_5
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 9
Default Statusaffected
Version
0:2.6.1-8.el9_6
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 9.4 Extended Update Support
Default Statusaffected
Version
0:2.4.5-14.el9_4
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Directory Server 12
Default Statusunaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 10
Default Statusunaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 6
Default Statusunknown
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 7
Default Statusunknown
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8
Default Statusunknown
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.08% | 0.239 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secalert@redhat.com | 4.9 | 1.2 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.