PT-2026-56200 · Red Hat · Red Hat Directory Server 11+7

Publicado

2026-07-07

·

Atualizado

2026-07-07

·

CVE-2026-14969

CVSS v3.1

4.4

Média

VetorAV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
A flaw was found in 389-ds-base where the LDBM backend attribute encryption uses a hardcoded static initialization vector for AES-CBC and 3DES-CBC operations, allowing an attacker with privileged filesystem access to detect plaintext equality across encrypted entries by comparing ciphertext blocks.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

Enumeração de Fraquezas

Identificadores relacionados

CVE-2026-14969

Produtos afetados

Red Hat Directory Server 11
Red Hat Directory Server 12
Red Hat Directory Server 13
Red Hat Enterprise Linux 10
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 9