Vulnerabilities > CVE-2017-9267 - Unspecified vulnerability in Novell Edirectory

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

novell

NVD

Published: 2018-03-02

Updated: 2023-11-07

Summary

In Novell eDirectory before 9.0.3.1 the LDAP interface was not strictly enforcing cipher restrictions allowing weaker ciphers to be used during SSL BIND operations.

Vulnerable Configurations

Part	Description	Count
Application	Novell Novell Edirectory - Novell Edirectory 8.0 Novell Edirectory 8.5 Novell Edirectory 8.5.12A Novell Edirectory 8.5.27 Novell Edirectory 8.6.2 Novell Edirectory 8.7 Novell Edirectory 8.7.1 Novell Edirectory 8.7.3 Novell Edirectory 8.7.3.8 Novell Edirectory 8.7.3.10 Novell Edirectory 8.8 Novell Edirectory 8.8.1 Novell Edirectory 8.8.3	26

References

https://www.novell.com/support/kb/doc.php?id=7016794