PT-2020-14606 · Openldap+3
Published 2019-04-21 · Updated 2024-03-06
CVE-2020-15719
CVSS v3.1: 4.2 (Medium)
Vector: AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
OpenLDAP versions prior to 2.4.46-10.el8
Description
The vulnerability is a certificate-validation flaw in libldap, which claims RFC 6125 support but still checks the subject Common Name (CN) even when the certificate carries a subjectAltName (SAN) that does not match the requested host name.
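To show the difference the description is pointing at, here is an added example (not libldap code) that contrasts a host-name matcher which falls back to the CN with one that follows RFC 6125 section 6.4.4; `cert_t`, `name_matches`, `verify_flawed` and `verify_rfc6125` are hypothetical names for this demonstration, and the certificate is constructed inline.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Hypothetical, simplified view of a server certificate: its dNSName SAN
 * entries (NULL-terminated array) and its subject Common Name. */
typedef struct {
    const char *san[4];
    const char *cn;
} cert_t;

/* Case-insensitive host-name match; "*.example.com" covers exactly one
 * left-most label, as RFC 6125 section 6.4.3 allows. */
static int name_matches(const char *pattern, const char *host) {
    if (pattern[0] == '*' && pattern[1] == '.') {
        const char *dot = strchr(host, '.');
        return dot != NULL && strcasecmp(pattern + 1, dot) == 0;
    }
    return strcasecmp(pattern, host) == 0;
}

/* Flawed logic of the kind described above: when no SAN matches it still
 * falls back to the CN, so a non-matching SAN does not cause rejection. */
int verify_flawed(const cert_t *c, const char *host) {
    for (int i = 0; c->san[i] != NULL; i++)
        if (name_matches(c->san[i], host)) return 1;
    return c->cn != NULL && name_matches(c->cn, host);
}

/* RFC 6125 section 6.4.4: if the certificate carries dNSName SANs, only
 * they are consulted; the CN is a fallback solely for SAN-less certs. */
int verify_rfc6125(const cert_t *c, const char *host) {
    if (c->san[0] != NULL) {
        for (int i = 0; c->san[i] != NULL; i++)
            if (name_matches(c->san[i], host)) return 1;
        return 0;
    }
    return c->cn != NULL && name_matches(c->cn, host);
}

int main(void) {
    /* Constructed certificate: the SAN names another host, the CN names ours. */
    const cert_t cert = { { "other.example.net", NULL }, "ldap.example.com" };
    const char *host = "ldap.example.com";
    printf("flawed check:   %s\n", verify_flawed(&cert, host) ? "accepted" : "rejected");
    printf("RFC 6125 check: %s\n", verify_rfc6125(&cert, host) ? "accepted" : "rejected");
    return 0;
}
```

The flawed matcher accepts the constructed certificate on the strength of its CN alone, while the RFC 6125 matcher rejects it because a SAN is present and does not match.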
Recommendations
For versions prior to 2.4.46-10.el8, update to a version that includes the fix, such as openldap-2.4.46-10.el8 in Red Hat Enterprise Linux.
Weakness Enumeration
Improper Certificate Validation
Affected Products
Alt Linux
Debian
Openldap
Suse