Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2022-31253

A Untrusted Search Path vulnerability in openldap2 of openSUSE Factory allows local attackers with control of the ldap user or group to change ownership of arbitrary directory entries to this user/group, leading to escalation to root. This issue affects: openSUSE Factory openldap2 versions prior to 2.6.3-404.1.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.3%
CVSS Severity
CVSS v3 Score 7.1
Products affected by CVE-2022-31253
  • Opensuse » Openldap2 » Version: 2.4.26-0.74.13
    cpe:2.3:a:opensuse:openldap2:2.4.26-0.74.13
  • Opensuse » Openldap2 » Version: 2.4.41-18.71.2
    cpe:2.3:a:opensuse:openldap2:2.4.41-18.71.2
  • Opensuse » Openldap2 » Version: 2.4.46-9.31.1
    cpe:2.3:a:opensuse:openldap2:2.4.46-9.31.1
  • Opensuse » Openldap2 » Version: 2.4.46-9.37.1
    cpe:2.3:a:opensuse:openldap2:2.4.46-9.37.1
  • Opensuse » Openldap2 » Version: 2.4.46-lp151.10.18.1
    cpe:2.3:a:opensuse:openldap2:2.4.46-lp151.10.18.1
  • Opensuse » Openldap2 » Version: 2.4.46-lp152.14.9.1
    cpe:2.3:a:opensuse:openldap2:2.4.46-lp152.14.9.1


Products
Pricing
Contact Us

Shodan ® - All rights reserved