- Description
- The YaST2 LDAP module in yast2-ldap-server on SUSE Linux Enterprise Server 11 (aka SLE11) does not enable the firewall in certain circumstances involving reboots during online updates, which makes it easier for remote attackers to access network services.
- Source
- cve@mitre.org
- NVD status
- Analyzed
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
- nvd@nist.gov
- CWE-16
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:suse_linux:11:*:enterprise_desktop:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A21C44DE-B976-437F-99F0-C4BB018C3121"
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:11:*:enterprise_server:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B34E5287-ED2F-4BE2-8166-52B0108DCEC3"
}
],
"operator": "OR"
}
]
}
]