Vulnerabilities > CVE-2024-6237 - Unspecified vulnerability in Redhat products

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

redhat

NVD

Published: 2024-07-09

Updated: 2024-08-29

Summary

A flaw was found in the 389 Directory Server. This flaw allows an unauthenticated user to cause a systematic server crash while sending a specific extended search request, leading to a denial of service.

Vulnerable Configurations

Part	Description	Count
OS	Redhat Redhat 389 Directory Server - Redhat Enterprise Linux 9.0	2
Application	Redhat Redhat Directory Server 12.0	1

References

https://access.redhat.com/security/cve/CVE-2024-6237
https://bugzilla.redhat.com/show_bug.cgi?id=2293579
https://github.com/389ds/389-ds-base/issues/5989
https://access.redhat.com/errata/RHSA-2024:4997
https://access.redhat.com/errata/RHSA-2024:5192