VDB

GCVE-VVD-MAGEIA-2022-239

GCVE-VVD-MAGEIA-2022-239
Advisory Published
Vulnetix · Advisory published June 24, 2022
An access control bypass vulnerability found in 389-ds-base. That mishandling of the filter that would yield incorrect results, but as that has progressed, can be determined that it actually is an access control bypass. This may allow any remote unauthenticated user to issue a filter that allows searching for database items they do not have access to, including but not limited to potentially userPassword hashes and other sensitive data. (CVE-2022-1949)
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageia389-ds-base0 (affected), 1.4.0.26-8.5.mga8 (unaffected)

Aliases

CVE-2022-1949

Transitive aliases

BDU:2022-04434GHSA-x847-vxvj-g6rjEUVD-2022-25217

References

Updated 389-ds-base packages fix security vulnerability
advisory
Updated 389-ds-base packages fix security vulnerability
issue
Updated 389-ds-base packages fix security vulnerability
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›