CVE-2024-1062
Published Feb 12, 2024
Last updated a month ago
Overview
- Description
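- A heap-based buffer overflow (CWE-122) was found in 389-ds-base. Writing a value longer than 256 characters in log_entry_attr overflows the heap buffer, leading to a denial of service. The CVSS vector on this page scores the impact as availability-only (C:N/I:N/A:H), with local access and low privileges required.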
- Source
- secalert@redhat.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Secondary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
Weaknesses
- secalert@redhat.com
- CWE-122
Configurations
[ { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:389_directory_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "555F8661-DCE6-441E-9251-CD8D8E8734F6", "versionEndExcluding": "2.2.0" } ], "operator": "OR" } ] }, { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:directory_server:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0BCE19AC-8DA8-4574-B122-CF1FFB20875D" }, { "criteria": "cpe:2.3:a:redhat:directory_server:11.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9684A709-4D17-4AEB-BB13-9DC3B75EF902" }, { "criteria": "cpe:2.3:a:redhat:directory_server:11.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9BF83982-31CF-4692-9055-BB65B59AFA08" } ], "operator": "OR" } ] }, { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646" }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59" }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:41:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B2D4E93B-C80E-4F15-9177-8B31016381C0" } ], "operator": "OR" } ] }, { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:directory_server:12.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A3DAF61A-58A9-41A6-A4DC-64148055B0C1" } ], "operator": "OR" }, { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3C74F6FA-FA6C-4648-9079-91446E45EE47" } ], "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943" }, { "criteria": 
"cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C3741B8-851F-475D-B428-523F4F722350" }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62C31522-0A17-4025-B269-855C7F4B45C2" }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C74F6FA-FA6C-4648-9079-91446E45EE47" }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3EFBEEE7-8BC5-4F4E-8EFA-42A6743152BB" }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83981111-E13A-4A88-80FD-F63D7CCAA47F" }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78825319-8A45-4880-B7C4-2B223029DDD3" }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C415CABF-E1C4-4E95-9424-AEEEAFF1CAE7" }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83364F5C-57F4-4D57-B54F-540CAC1D7753" }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A49ABD84-6755-4894-AD4E-49AAD39933C2" }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "71DDE212-1018-4554-9C06-4908442DE134" }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76C24D94-834A-4E9D-8F73-624AFA99AAA2" }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F32CA554-F9D7-425B-8F1C-89678507F28C" }, { "criteria": 
"cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "871A5C26-DB7B-4870-A5B2-5DD24C90B4A7" }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12A809B2-2771-4780-9E0D-6A7B4A534CFB" }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE4AEBCB-B1E6-4A6A-9E8C-DDC5A003BCB9" }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1272DF03-7674-4BD4-8E64-94004B195448" }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1CA946D-1665-4874-9D41-C7D963DD1F56" }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB096D5D-E8F6-4164-8B76-0217B7151D30" }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "01ED4F33-EBE7-4C04-8312-3DA580EFFB68" } ], "operator": "OR" } ] } ]