Novell eDirectory 8.6.2 and 8.7 use case insensitive passwords, which makes it easier for remote attackers to conduct brute force password guessing.
Threat-Mapped Scoring
Score: 3.25
Priority: P2 - Serious (High)
-
S1 – Steal Customer Account Information
-
S9 – Sabotage of System/App (+0.25 bonus)
EPSS
Score: 0.01087
Percentile:
0.7694
CVSS Scoring
CVSS v3.1 Score: 9.8
Severity: CRITICAL
Mapped CWE(s)
-
CWE-178
: Improper Handling of Case Sensitivity
Affected Products
- cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*
← Back to Home