CVE-2020-35518 vulnerability in Red Hat Products
Published on March 26, 2021

When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database.

NVD

Weakness Type

What is an Information Disclosure Vulnerability?

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

CVE-2020-35518 has been classified to as an Information Disclosure vulnerability or weakness.

Products Associated with CVE-2020-35518

Want to know whenever a new CVE is published for Red Hat products? stack.watch will email you.

Red Hat Directory Server

Red Hat 389 Directory Server

Red Hat Enterprise Linux (RHEL)

Exploit Probability

EPSS

0.80%

Percentile

73.86%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-35518 vulnerability in Red Hat ProductsPublished on March 26, 2021

Weakness Type

What is an Information Disclosure Vulnerability?

Products Associated with CVE-2020-35518

Exploit Probability

CVE-2020-35518 vulnerability in Red Hat Products
Published on March 26, 2021