CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-7289

IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 does not properly handle the simultaneous changing of multiple passwords, which makes it easier for remote authenticated users to cause a denial of service (DB2 daemon deadlock) by making password changes that trigger updates to a DB2 password-history table.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 57.4%

CVSS Severity

CVSS v2 Score 4.0

References

http://www.ibm.com/support/docview.wss?uid=swg1IO09667
http://www.ibm.com/support/docview.wss?uid=swg24029663
http://www.ibm.com/support/docview.wss?uid=swg1IO09667
http://www.ibm.com/support/docview.wss?uid=swg24029663

Products affected by CVE-2008-7289

Ibm » Tivoli Directory Server » Version: 5.2.0

cpe:2.3:a:ibm:tivoli_directory_server:5.2.0
Ibm » Tivoli Directory Server » Version: 5.2.0.4

cpe:2.3:a:ibm:tivoli_directory_server:5.2.0.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-7289

Products

Pricing

Contact Us