CVE-2022-0918

moderate-risk

Published 2022-03-16

A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service is triggered by a single message sent over a TCP connection, no bind or other authentication is required. The message triggers a segmentation fault that results in slapd crashing.

Do I need to act?

8.8% chance of exploitation in next 30 days

EPSS score — moderate exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.5/10 High

NETWORK / LOW complexity

Affected Products (2)

389-Ds-Base

Enterprise Linux

Affected Vendors

Redhat Port389

References (9)

Third Party Advisory https://access.redhat.com/security/cve/CVE-2022-0918

Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=2055815

Issue Tracking https://github.com/389ds/389-ds-base/issues/5242

https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html

Third Party Advisory https://access.redhat.com/security/cve/CVE-2022-0918

Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=2055815

Issue Tracking https://github.com/389ds/389-ds-base/issues/5242

https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html

https://lists.debian.org/debian-lts-announce/2025/01/msg00015.html

/ 100

moderate-risk

Severity 26/34 · High

Exploitability 10/34 · Low

Exposure 7/34 · Low