CVE-2022-1949 vulnerability in Port389 and Other Products
Published on June 2, 2022

An access control bypass vulnerability found in 389-ds-base. That mishandling of the filter that would yield incorrect results, but as that has progressed, can be determined that it actually is an access control bypass. This may allow any remote unauthenticated user to issue a filter that allows searching for database items they do not have access to, including but not limited to potentially userPassword hashes and other sensitive data.

NVD

Products Associated with CVE-2022-1949

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2022-1949 are published in these products:

Port389 389 Ds Base

Red Hat Enterprise Linux (RHEL)

Red Hat Directory Server

Fedora Project Fedora

Red Hat 389 Directory Server

Exploit Probability

EPSS

0.68%

Percentile

71.13%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2022-1949 vulnerability in Port389 and Other ProductsPublished on June 2, 2022

Products Associated with CVE-2022-1949

Exploit Probability

CVE-2022-1949 vulnerability in Port389 and Other Products
Published on June 2, 2022