Vulnerabilities > Redhat > Directory Server > 8.0

DATE CVE VULNERABILITY TITLE RISK
2020-01-09 CVE-2010-3282 Cleartext Storage of Sensitive Information vulnerability in multiple products
389 Directory Server before 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server before B.08.10.03, when audit logging is enabled, logs the Directory Manager password (nsslapd-rootpw) in cleartext when changing cn=config:nsslapd-rootpw, which might allow local users to obtain sensitive information by reading the log.
local
low complexity
hp redhat fedoraproject CWE-312
3.3
2019-11-05 CVE-2010-2222 NULL Pointer Dereference vulnerability in Redhat 389 Directory Server and Directory Server
The _ger_parse_control function in Red Hat Directory Server 8 and the 389 Directory Server allows attackers to cause a denial of service (NULL pointer dereference) via a crafted search query.
network
low complexity
redhat CWE-476
7.5