CVE-2015-3276

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions OpenLDAP (affected versions not specified)

Description The issue is related to the nss parse ciphers function in OpenLDAP, which does not properly parse OpenSSL-style multi-keyword mode cipher strings. This might cause a weaker than intended cipher to be used, potentially allowing remote attackers to have an unspecified impact.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

ALT-PU-2022-2606

AZL-6770

CESA-2015_2131

CVE-2015-3276

ECHO-0854-6756-555E

RHSA-2015:2131

RHSA-2015_2131

Affected Products

Alt Linux

Centos

Debian

Openldap

Red Hat

CVE-2015-3276

Related Identifiers

Affected Products

References · 11