Vulnerability Details : CVE-2014-3562
Red Hat Directory Server 8 and 389 Directory Server, when debugging is enabled, allows remote attackers to obtain sensitive replicated metadata by searching the directory.
Vulnerability category: Information leak
Products affected by CVE-2014-3562
- cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:directory_server:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc7:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:a2:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc4:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc3:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc2:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc1:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:a4:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc3:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc2:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc1:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc6:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:a3:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.7.5:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.8:alpha1:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.7:alpha3:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.8:alpha2:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.8:rc1:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.8:alpha3:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.8:rc2:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.9.9:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.10:alpha8:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.10.2:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.10:rc1:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.10.3:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.10.4:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.6:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.5:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.8:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.15:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.19:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.10.11:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.10:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.11:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.12:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.13:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.9:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.14:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.17:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.3.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.3.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.3.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.3.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.23:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.22:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.21:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.20:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.3.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.3.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.26:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.25:*:*:*:*:*:*:*
Threat overview for CVE-2014-3562
Top countries where our scanners detected CVE-2014-3562
Top open port discovered on systems with this issue
53
IPs affected by CVE-2014-3562 754,055
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2014-3562!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2014-3562
0.31%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 66 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-3562
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2014-3562
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-3562
-
http://rhn.redhat.com/errata/RHSA-2014-1032.html
RHSA-2014:1032 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=1123477
1123477 – (CVE-2014-3562) CVE-2014-3562 389-ds: unauthenticated information disclosure
-
http://rhn.redhat.com/errata/RHSA-2014-1031.html
RHSA-2014:1031 - Security Advisory - Red Hat Customer PortalVendor Advisory
Jump to