CVE-2021-3514

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions 389 Directory Server versions (affected versions not specified)

Description The issue is related to a NULL pointer dereference error. An authenticated attacker can cause a crash by using a specially crafted query with a sync repl client in 389-ds-base. This allows a remote attacker to cause a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

BDU:2023-02649

CESA-2021_2595

CVE-2021-3514

DLA-3399-1

DLA-4021-1

OPENSUSE-SU-2021:0868-1

OPENSUSE-SU-2021_0868-1

RHSA-2021:2595

RHSA-2021:2796

RHSA-2021:3955

RHSA-2021_2595

RHSA-2022:0952

RLSA-2021:2595

SUSE-SU-2021:1878-1

SUSE-SU-2021_1878-1

USN-5231-1

Affected Products

389 Directory Server

Astra Linux

Centos

Linuxmint

Red Hat

Rocky Linux

Suse

Ubuntu

CVE-2021-3514

Weakness Enumeration

Related Identifiers

Affected Products

References · 37