CVE-2024-6237
MEDIUMDescription
A flaw was found in the 389 Directory Server. This flaw allows an unauthenticated user to cause a systematic server crash while sending a specific extended search request, leading to a denial of service.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| redhat | directory_server |
| redhat | 389_directory_server |
| redhat | enterprise_linux |
References
Advisories & Patches
Other References
Frequently Asked Questions
What is CVE-2024-6237? +
How severe is CVE-2024-6237? +
What products are affected by CVE-2024-6237? +
How do I check if I'm vulnerable to CVE-2024-6237? +
Related Vulnerabilities
The RegistrationMagic – User Registration Plugin with Custom Registration Forms plugin for WordPress is vulnerable to privilege escalation via account …
The AppPresser – Mobile App Framework plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions …
GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection …
In Session of AccountManagerService.java, there is a possible method to retain foreground service privileges due to incorrect handling of null …
AppleTalk and RELOAD Framing dissector crash in Wireshark 4.4.0 and 4.2.0 to 4.2.7 allows denial of service via packet injection …
Ericsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Missing Values (CWE-230) vulnerability where an …