CVE-2020-35518 - OpenCVE

When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Redhat	Directory Server Enterprise Linux 389 Directory Server

Configuration 1 [-]

OR	cpe:2.3:o:redhat:389_directory_server::::::::
	cpe:2.3:o:redhat:389_directory_server::::::::
	cpe:2.3:o:redhat:389_directory_server::::::::

Configuration 2 [-]

OR	cpe:2.3:a:redhat:directory_server:11.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*

References

Link	Resource
https://bugzilla.redhat.com/show_bug.cgi?id=1905565	Issue Tracking Patch Vendor Advisory
https://github.com/389ds/389-ds-base/commit/b6aae4d8e7c8a6ddd21646f94fef1bf7f22c3f32	Patch Third Party Advisory
https://github.com/389ds/389-ds-base/commit/cc0f69283abc082488824702dae485b8eae938bc	Patch Third Party Advisory
https://github.com/389ds/389-ds-base/issues/4480	Patch Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2021-03-26T16:43:08

Updated: 2021-03-26T16:43:08

Reserved: 2020-12-17T00:00:00

Link: CVE-2020-35518

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-03-26T17:15:12.280

Modified: 2022-08-05T17:42:42.370

Link: CVE-2020-35518

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "389-ds-base", "vendor": "n/a", "versions": [{"status": "affected", "version": "389-ds-base 2.0.3, 389-ds-base 1.4.4.13, 389-ds-base 1.4.3.19"}]}], "descriptions": [{"lang": "en", "value": "When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "description": "CWE-200", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-03-26T16:43:08", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905565"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/389ds/389-ds-base/issues/4480"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/389ds/389-ds-base/commit/cc0f69283abc082488824702dae485b8eae938bc"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/389ds/389-ds-base/commit/b6aae4d8e7c8a6ddd21646f94fef1bf7f22c3f32"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2020-35518", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "389-ds-base", "version": {"version_data": [{"version_value": "389-ds-base 2.0.3, 389-ds-base 1.4.4.13, 389-ds-base 1.4.3.19"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-200"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1905565", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905565"}, {"name": "https://github.com/389ds/389-ds-base/issues/4480", "refsource": "MISC", "url": "https://github.com/389ds/389-ds-base/issues/4480"}, {"name": "https://github.com/389ds/389-ds-base/commit/cc0f69283abc082488824702dae485b8eae938bc", "refsource": "MISC", "url": "https://github.com/389ds/389-ds-base/commit/cc0f69283abc082488824702dae485b8eae938bc"}, {"name": "https://github.com/389ds/389-ds-base/commit/b6aae4d8e7c8a6ddd21646f94fef1bf7f22c3f32", "refsource": "MISC", "url": "https://github.com/389ds/389-ds-base/commit/b6aae4d8e7c8a6ddd21646f94fef1bf7f22c3f32"}]}}}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2020-35518", "datePublished": "2021-03-26T16:43:08", "dateReserved": "2020-12-17T00:00:00", "dateUpdated": "2021-03-26T16:43:08", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:389_directory_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "826F6485-30A1-49A6-8E66-4F53DAD03EDE", "versionEndExcluding": "1.4.3.19", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:389_directory_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "7273B979-C446-45CA-A601-9F81F6DA503C", "versionEndExcluding": "1.4.4.13", "versionStartIncluding": "1.4.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:389_directory_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "72D21DC8-ED0C-4C96-A9CF-0EE1E3EBD7F9", "versionEndExcluding": "2.0.3", "versionStartIncluding": "2.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:directory_server:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "2A169F6D-88A5-4631-9D30-519350ACFE6E", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database."}, {"lang": "es", "value": "Cuando se vincula con un DN durante la autenticaci\u00f3n, la respuesta de 389-ds-base ser\u00e1 diferente si el DN se presenta o no. Esto puede ser usado por un atacante no autenticado para comprobar la existencia de una entrada en la base de datos de LDAP."}], "id": "CVE-2020-35518", "lastModified": "2022-08-05T17:42:42.370", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-03-26T17:15:12.280", "references": [{"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905565"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/389ds/389-ds-base/commit/b6aae4d8e7c8a6ddd21646f94fef1bf7f22c3f32"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/389ds/389-ds-base/commit/cc0f69283abc082488824702dae485b8eae938bc"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/389ds/389-ds-base/issues/4480"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-203"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-200"}], "source": "secalert@redhat.com", "type": "Secondary"}]}