PT-2022-6792 · Red Hat+6 · 389-Ds-Base+7

Sandipan Roy

Published

2022-08-04

Updated

2025-01-20

CVE-2022-2850

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions 389-ds-base (affected versions not specified)

Description A flaw in the Content Synchronization plugin of 389 Directory Server allows an authenticated attacker to cause a denial of service by exploiting a NULL pointer dereference using a specially crafted query. This issue is related to an incomplete fix of a previous flaw.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALSA-2022:7133

ALSA-2022:8162

ALSA-2022_7133

ALSA-2022_8162

ALT-PU-2024-1078

ALT-PU-2024-7577

BDU:2023-04786

CESA-2022_7087

CESA-2022_7133

CVE-2022-2850

DLA-3399-1

DLA-4021-1

ELSA-2022-7087

ELSA-2022-7133

ELSA-2022-8162

MGASA-2022-0413

OPENSUSE-SU-2022_3029-1

OPENSUSE-SU-2022_3286-1

RHSA-2022:7087

RHSA-2022:7133

RHSA-2022:8162

RHSA-2022:8680

RHSA-2022:8886

RHSA-2022:8976

RHSA-2022_7087

RHSA-2022_7133

RHSA-2022_8162

RHSA-2023:0479

RLSA-2022:7133

RLSA-2022:8162

RLSA-2022_7133

RLSA-2022_8162

SUSE-SU-2022:3029-1

SUSE-SU-2022:3286-1

SUSE-SU-2022_3029-1

SUSE-SU-2022_3286-1

Affected Products

389-Ds-Base

Alt Linux

Almalinux

Astra Linux

Centos

Red Hat

Rocky Linux

Suse

PT-2022-6792 · Red Hat+6 · 389-Ds-Base+7

CVE-2022-2850

Weakness Enumeration

Related Identifiers

Affected Products

References · 66