Vulnerability Database


CVE-2019-13565

An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs. After the first SASL bind is completed, the sasl_ssf value is retained for all new non-SASL connections. Depending on the ACL configuration, this can affect different types of operations (searches, modifications, etc.). In other words, a successful authorization step completed by one user affects the authorization requirement for a different user.
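To check whether a deployment depends on the behaviour described above, the following added example (not part of the original advisory or of OpenLDAP) flags slapd ACLs that test `sasl_ssf` when the server version is older than 2.4.48. The function names and the sample configuration are constructed for illustration; the parser assumes slapd.conf-style `access` lines or `olcAccess:` values with whitespace-indented continuation lines and a plain numeric version string.

```python
import re

FIXED = (2, 4, 48)  # per the advisory: affected releases are 2.x before 2.4.48
SASL_SSF = re.compile(r"\bsasl_ssf=(\d+)")

def is_affected(version):
    """True for OpenLDAP 2.x releases older than 2.4.48 (numeric dotted versions only)."""
    parts = tuple(int(p) for p in version.split("."))
    return parts[0] == 2 and parts < FIXED

def logical_lines(text):
    """Join continuation lines (leading whitespace) and drop comments and blanks."""
    out = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and out:
            out[-1] += " " + raw.strip()
        else:
            out.append(raw.strip())
    return out

def acls_relying_on_sasl_ssf(conf_text):
    """Return (acl_text, [required sasl_ssf values]) for each ACL that tests sasl_ssf."""
    hits = []
    for line in logical_lines(conf_text):
        if not re.match(r"(access|olcAccess:)\s", line):
            continue
        levels = [int(n) for n in SASL_SSF.findall(line)]
        if levels:
            hits.append((line, levels))
    return hits

def audit(version, conf_text):
    """ACLs whose sasl_ssf requirement cannot be trusted on this server version."""
    return acls_relying_on_sasl_ssf(conf_text) if is_affected(version) else []

# Constructed sample configuration, not taken from any real deployment.
SAMPLE_CONF = """\
# password attribute gated on a SASL security layer
access to attrs=userPassword
    by self sasl_ssf=128 write
    by * none
access to *
    by users tls_ssf=128 read
    by * none
"""

if __name__ == "__main__":
    for acl, levels in audit("2.4.47", SAMPLE_CONF):
        print("review (sasl_ssf >= %s): %s" % (min(levels), acl))
```

ACLs reported by `audit` are the ones where a simple bind may be granted access on an unpatched server; upgrading to 2.4.48 or later is the fix the advisory names.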

  • Published: Jul 26, 2019
  • Updated: Apr 13, 2023
  • CVE: CVE-2019-13565
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

| Software | From | Fixed in |
|---|---|---|
| openldap / openldap | 2.0 | 2.4.47.x |
| canonical / ubuntu_linux | 16.04 | 16.04.x |
| canonical / ubuntu_linux | 12.04 | 12.04.x |
| canonical / ubuntu_linux | 18.04 | 18.04.x |
| canonical / ubuntu_linux | 19.04 | 19.04.x |
| canonical / ubuntu_linux | 14.04 | 14.04.x |
| debian / debian_linux | 8.0 | 8.0.x |
| opensuse / leap | 15.0 | 15.0.x |
| opensuse / leap | 15.1 | 15.1.x |
| f5 / traffix_signaling_delivery_controller | 5.1.0 | 5.1.0.x |
| f5 / traffix_signaling_delivery_controller | 5.0.0 | 5.0.0.x |
| apple / mac_os_x | 10.13.6 | 10.13.6.x |
| apple / mac_os_x | 10.14 | 10.14.6 |
| apple / mac_os_x | 10.14.6 | 10.14.6.x |
| apple / mac_os_x | 10.13.6-security_update_2018-003 | 10.13.6-security_update_2018-003.x |
| apple / mac_os_x | 10.13.6-security_update_2018-002 | 10.13.6-security_update_2018-002.x |
| apple / mac_os_x | 10.13.6-security_update_2019-003 | 10.13.6-security_update_2019-003.x |
| apple / mac_os_x | 10.13.6-security_update_2019-002 | 10.13.6-security_update_2019-002.x |
| apple / mac_os_x | 10.13.6-security_update_2019-001 | 10.13.6-security_update_2019-001.x |
| apple / mac_os_x | 10.13.6-security_update_2019-006 | 10.13.6-security_update_2019-006.x |
| apple / mac_os_x | 10.13.6-security_update_2019-005 | 10.13.6-security_update_2019-005.x |
| apple / mac_os_x | 10.13.6-security_update_2019-004 | 10.13.6-security_update_2019-004.x |
| apple / mac_os_x | 10.14.6-security_update_2019-001 | 10.14.6-security_update_2019-001.x |
| apple / mac_os_x | 10.13 | 10.13.6 |
| apple / mac_os_x | 10.15 | 10.15.2 |
| oracle / solaris | 11 | 11.x |
| oracle / zfs_storage_appliance_kit | 8.8 | 8.8.x |
| oracle / blockchain_platform | - | 21.1.2 |