CVE-2017-7551

Summary

389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks during account lockout due to different return codes returned on password attempts.

Affected Software

VendorProductVersion RangeStatus
389 Directory Server389-ds-basebefore 1.3.5.19 and 1.3.6.7affected

Weaknesses

  • CWE-209: CWE-209

ADP Enrichment

CVE Program Container

Additional References

References