PT-2017-8723 · Red Hat+3 · Red Hat Enterprise Linux Server+8
Adam Mariš +1 · Published 2016-11-03 · Updated 2023-02-12
CVE-2016-5416
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Red Hat Enterprise Linux Desktop versions 6 through 7
Red Hat Enterprise Linux HPC Node versions 6 through 7
Red Hat Enterprise Linux Server versions 6 through 7
Red Hat Enterprise Linux Workstation versions 6 through 7
389 Directory Server (affected versions not specified)
Description
The issue allows remote attackers to read the default Access Control Instructions in 389 Directory Server within various Red Hat Enterprise Linux versions.
Recommendations
For Red Hat Enterprise Linux Desktop versions 6 through 7, update the 389 Directory Server configuration to restrict access to sensitive information.
For Red Hat Enterprise Linux HPC Node versions 6 through 7, update the 389 Directory Server configuration to restrict access to sensitive information.
For Red Hat Enterprise Linux Server versions 6 through 7, update the 389 Directory Server configuration to restrict access to sensitive information.
For Red Hat Enterprise Linux Workstation versions 6 through 7, update the 389 Directory Server configuration to restrict access to sensitive information.
As a temporary workaround, consider restricting access to the 389 Directory Server until a patch is available.
Fix
Information Disclosure
Affected Products
389 Directory Server
CentOS
Debian
Red Hat
Red Hat Enterprise Linux Desktop
Red Hat Enterprise Linux HPC Node
Red Hat Enterprise Linux Server
Red Hat Enterprise Linux Workstation
SUSE