公告ID: KYLIN-2019-14824
安全等级: 重要
产品: Kylin V3
发布日期: 2019年11月4日
CVE: CVE-2019-14824
CVSS3评分: 6.5
概述:
描述:
A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes. 系统版本:
KYLIN 3.2.x
KYLIN 3.3.x
受影响包列表:
389-ds-base
389-ds-base