Vulnerability Details CVE-2024-6237
A flaw was found in the 389 Directory Server. This flaw allows an unauthenticated user to cause a systematic server crash while sending a specific extended search request, leading to a denial of service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.017
EPSS Ranking 81.7%
CVSS Severity
CVSS v3 Score 6.5
References
- https://access.redhat.com/errata/RHSA-2024:4997
- https://access.redhat.com/errata/RHSA-2024:5192
- https://access.redhat.com/security/cve/CVE-2024-6237
- https://bugzilla.redhat.com/show_bug.cgi?id=2293579
- https://github.com/389ds/389-ds-base/issues/5989
- https://access.redhat.com/security/cve/CVE-2024-6237
- https://bugzilla.redhat.com/show_bug.cgi?id=2293579
- https://github.com/389ds/389-ds-base/issues/5989
Products affected by CVE-2024-6237
-
cpe:2.3:a:redhat:directory_server:12.0
-
cpe:2.3:o:redhat:389_directory_server:-
-
cpe:2.3:o:redhat:enterprise_linux:9.0