CVE-2020-15719 vulnerability in Openldap and Other Products
Published on July 14, 2020

libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux.

Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2020-15719

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-15719 are published in these products:

Openldap

Red Hat Enterprise Linux (RHEL)

OpenSuse Leap

McAfee Policy Auditor

Oracle Blockchain Platform

Exploit Probability

EPSS

0.22%

Percentile

43.88%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-15719 vulnerability in Openldap and Other ProductsPublished on July 14, 2020

Products Associated with CVE-2020-15719

Exploit Probability

CVE-2020-15719 vulnerability in Openldap and Other Products
Published on July 14, 2020