Description389 Directory Server before 188.8.131.52 and 1.3.3.x before 184.108.40.206 does not properly restrict access to the "cn=changelog" LDAP sub-tree, which allows remote attackers to obtain sensitive information from the changelog via unspecified vectors.
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
List of released packages
|Product(s)||Fixed package version(s)||References|
|SUSE Linux Enterprise Module for Server Applications 15|| ||Patchnames:
SUSE Linux Enterprise Module for Server Applications 15 GA 389-ds
|openSUSE Tumbleweed|| ||Patchnames:
openSUSE Tumbleweed GA 389-ds