CVE-2017-15135 : It was found that 389-ds-base since 1.3.6.1 up to and including 1.4.0.3 did not

It was found that 389-ds-base since 1.3.6.1 up to and including 1.4.0.3 did not always handle internal hash comparison operations correctly during the authentication process. A remote, unauthenticated attacker could potentially use this flaw to bypass the authentication process under very rare and specific circumstances.

Published 2018-01-24 15:29:01

Updated 2023-02-12 23:28:54

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: BypassGain privilege

Products affected by CVE-2017-15135

Fedoraproject » 389 Directory Server
Versions from including (>=) 1.3.6.1 and up to, including, (<=) 1.4.0.3
cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2017-15135

EPSS FAQ

2.18%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 83 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2017-15135

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.3	MEDIUM	AV:N/AC:M/Au:N/C:P/I:N/A:N	8.6	2.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
8.1	HIGH	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H	2.2	5.9	NIST
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2017-15135

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Assigned by:
- nvd@nist.gov (Secondary)
- secalert@redhat.com (Primary)

References for CVE-2017-15135

https://bugzilla.redhat.com/show_bug.cgi?id=1525628

1525628 – (CVE-2017-15135) CVE-2017-15135 389-ds-base: Authentication bypass due to lack of size check in slapi_ct_memcmp function in ch_malloc.c
Issue Tracking;Patch;Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:0515

RHSA-2018:0515 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2018:0414

RHSA-2018:0414 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
http://www.securityfocus.com/bid/102811

Red Hat '389-ds-base' CVE-2017-15135 Authentication Bypass Vulnerability
Third Party Advisory;VDB Entry
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00033.html

[security-announce] openSUSE-SU-2019:1397-1: important: Security update

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2017-15135

Products affected by CVE-2017-15135

Exploit prediction scoring system (EPSS) score for CVE-2017-15135

CVSS scores for CVE-2017-15135

CWE ids for CVE-2017-15135

References for CVE-2017-15135