VDB

GCVE-VVD-MAGEIA-2022-239

GCVE-VVD-MAGEIA-2022-239
Advisory Published
Vulnetix · Advisory published June 24, 2022
An access control bypass vulnerability found in 389-ds-base. That mishandling of the filter that would yield incorrect results, but as that has progressed, can be determined that it actually is an access control bypass. This may allow any remote unauthenticated user to issue a filter that allows searching for database items they do not have access to, including but not limited to potentially userPassword hashes and other sensitive data. (CVE-2022-1949)

Affected Products

VendorProductVersionsPlatforms
Mageia389-ds-base0 (affected), 1.4.0.26-8.5.mga8 (unaffected)

Browse GCVE Records

78,808 records in the GCVE database · Updated July 13, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›