CVE-2021-3652

Source
https://nvd.nist.gov/vuln/detail/CVE-2021-3652
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3652.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-3652
Published
2022-04-18T17:15:15Z
Modified
2024-12-09T16:48:51.567687Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Summary
[none]
Details

A flaw was found in 389-ds-base. If an asterisk is imported as a password hash, either accidentally or maliciously, the password is not treated as inactive; instead, any password will successfully match during authentication. This flaw allows an attacker to successfully authenticate as a user whose password was disabled.

Affected packages

Debian:11 / 389-ds-base

Package

Name
389-ds-base
Purl
pkg:deb/debian/389-ds-base?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.4.4.11-2
1.4.4.16-1
1.4.4.17-1

2.*

2.0.11-1
2.0.11-2
2.0.14-1
2.0.15-1
2.0.15-1.1
2.3.1-1
2.3.1+dfsg1-1
2.3.4+dfsg1-1
2.3.4+dfsg1-1.1
2.4.4+dfsg1-1
2.4.4+dfsg1-3
2.4.5+dfsg1-1

3.*

3.0.2+dfsg1-1
3.1.1+dfsg1-1
3.1.1+dfsg1-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / 389-ds-base

Package

Name
389-ds-base
Purl
pkg:deb/debian/389-ds-base?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
1.4.4.17-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/389ds/389-ds-base

Affected ranges

Type
GIT
Repo
https://github.com/389ds/389-ds-base
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

389-ds-base-1.*

389-ds-base-1.2.10.a1
389-ds-base-1.2.10.a2
389-ds-base-1.2.10.a3
389-ds-base-1.2.10.a4
389-ds-base-1.2.10.a5
389-ds-base-1.2.10.a6
389-ds-base-1.2.10.a7
389-ds-base-1.2.10.a8
389-ds-base-1.2.10.rc1
389-ds-base-1.2.11.a1
389-ds-base-1.2.3
389-ds-base-1.2.4
389-ds-base-1.2.5.a1
389-ds-base-1.2.5.rc1
389-ds-base-1.2.5.rc2
389-ds-base-1.2.5.rc3
389-ds-base-1.2.5.rc4
389-ds-base-1.2.6.a1
389-ds-base-1.2.6.a2
389-ds-base-1.2.6.a3
389-ds-base-1.2.6.a4
389-ds-base-1.2.6.rc1
389-ds-base-1.2.6.rc2
389-ds-base-1.2.6.rc3
389-ds-base-1.2.7
389-ds-base-1.2.7.1
389-ds-base-1.2.7.2
389-ds-base-1.2.7.3
389-ds-base-1.2.7.4
389-ds-base-1.2.7.a1
389-ds-base-1.2.7.a2
389-ds-base-1.2.7.a3
389-ds-base-1.2.7.a4
389-ds-base-1.2.7.a5
389-ds-base-1.2.8.a1
389-ds-base-1.2.8.a2
389-ds-base-1.2.9.0
389-ds-base-1.2.9.1
389-ds-base-1.2.9.2
389-ds-base-1.2.9.3
389-ds-base-1.2.9.4
389-ds-base-1.2.9.5
389-ds-base-1.2.9.a1
389-ds-base-1.2.9.a2
389-ds-base-1.3.0.a1
389-ds-base-1.3.0.rc1
389-ds-base-1.3.5.0
389-ds-base-1.3.5.1
389-ds-base-1.3.5.10
389-ds-base-1.3.5.11
389-ds-base-1.3.5.12
389-ds-base-1.3.5.13
389-ds-base-1.3.5.2
389-ds-base-1.3.5.3
389-ds-base-1.3.5.4
389-ds-base-1.3.5.5
389-ds-base-1.3.5.6
389-ds-base-1.3.5.7
389-ds-base-1.3.5.8
389-ds-base-1.3.5.9
389-ds-base-1.3.6.0
389-ds-base-1.3.6.1
389-ds-base-1.3.6.2
389-ds-base-1.3.6.3
389-ds-base-1.3.6.4
389-ds-base-1.3.7.0
389-ds-base-1.3.7.2
389-ds-base-1.3.7.3
389-ds-base-1.3.7.4
389-ds-base-1.4.0.0
389-ds-base-1.4.0.1
389-ds-base-1.4.0.10
389-ds-base-1.4.0.11
389-ds-base-1.4.0.12
389-ds-base-1.4.0.13
389-ds-base-1.4.0.14
389-ds-base-1.4.0.15
389-ds-base-1.4.0.16
389-ds-base-1.4.0.17
389-ds-base-1.4.0.18
389-ds-base-1.4.0.19
389-ds-base-1.4.0.2
389-ds-base-1.4.0.20
389-ds-base-1.4.0.3
389-ds-base-1.4.0.4
389-ds-base-1.4.0.5
389-ds-base-1.4.0.6
389-ds-base-1.4.0.7
389-ds-base-1.4.0.8
389-ds-base-1.4.0.9
389-ds-base-1.4.1.0
389-ds-base-1.4.1.1
389-ds-base-1.4.1.2
389-ds-base-1.4.1.3
389-ds-base-1.4.1.4
389-ds-base-1.4.1.5
389-ds-base-1.4.1.6
389-ds-base-1.4.2.1
389-ds-base-1.4.2.2
389-ds-base-1.4.2.3
389-ds-base-1.4.2.4
389-ds-base-1.4.2.5
389-ds-base-1.4.3.1
389-ds-base-1.4.3.2
389-ds-base-1.4.3.3
389-ds-base-1.4.3.4
389-ds-base-1.4.3.5
389-ds-base-1.4.4.0
389-ds-base-1.4.4.1
389-ds-base-1.4.4.2
389-ds-base-1.4.4.3
389-ds-base-1.4.4.4
389-ds-base-1.4.4.5
389-ds-base-1.4.5.0

389-ds-base-2.*

389-ds-base-2.0.0
389-ds-base-2.0.0.0
389-ds-base-2.0.1
389-ds-base-2.0.2
389-ds-base-2.0.3
389-ds-base-2.0.4
389-ds-base-2.0.5

Other

Directory_Server_8_1_Candidate_20090324
FedoraDirSvr10
FedoraDirSvr110a1
FedoraDirSvr110a2
FedoraDirSvr110a3
FedoraDirSvr110a3_20070320
FedoraDirSvr110a4
FedoraDirSvr110a4_20070720
FedoraDirSvr110b1
FedoraDirSvr110b1_20070813
FedoraDirSvr110b1_20070816
FedoraDirSvr110b2
FedoraDirSvr110b2_20071107
FedoraDirSvr111
FedoraDirSvr111_20080530
FedoraDirSvr_1_1_2
FedoraDirSvr_1_1_2_20080904
FedoraDirSvr_1_1_2_RC
FedoraDirSvr_1_1_2_RC2
FedoraDirSvr_1_1_2_RC_20080828
FedoraDirSvr_1_1_3_20080923
FedoraDirSvr_20051103_RTC
before-merge-nunc-stans
ldapserver7x