CVE-2020-25710

Updated: 2024-11-23 04:43:40.587854

Description:

A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x MEDIUM 5
CVSS Version 3.x HIGH 7.5

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

CentOS 6 ELS openldap 2.4.40 7.5 HIGH Ignored 2024-05-07 05:18:09
CentOS 7 ELS openldap 2.4.44 7.5 HIGH Already Fixed 2023-11-02 09:33:46
CloudLinux 6 ELS openldap 2.4.40 7.5 HIGH Ignored 2024-05-07 05:18:09
Oracle Linux 6 ELS openldap 2.4.40 7.5 HIGH Ignored 2024-05-07 05:18:09