CVE-2017-7551

CVE-2017-7551

Vendor 389 Directory Server
Product 389-ds-base
Weakness CWE-209 · Error message info leak
Published August 16, 2017
Last update August 5, 2024

CVSS base score

What the vulnerability does

01Description

389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks during account lockout due to different return codes returned on password attempts.

Key dates

02Disclosure timeline

August 16, 2017 CVE published
August 5, 2024 Record updated