/

CVE-2022-1949 Report - Details, Severity, & Advisories

CVE-2022-1949 Report - Details, Severity, & Advisories

Twingate Team

May 9, 2024

CVE-2022-1949 is a high-severity access control bypass vulnerability found in the 389-ds-base software. This flaw allows remote unauthenticated users to bypass access controls and search for sensitive database items they do not have access to, potentially exposing user password hashes and other confidential data. Systems affected by this vulnerability include those running specific versions of the 389-ds-base software, as well as certain configurations of Red Hat Directory Server and Red Hat Enterprise Linux.

How do I know if I'm affected?

To determine if you're affected by the CVE-2022-1949 vulnerability, check if you're using any of the following: 389-ds-base versions from 1.3.0.0 up to 2.0.0, Red Hat Directory Server 11.0 and 12.0, Red Hat Enterprise Linux 8.0 and 9.0, or Fedora Project Fedora 34, 35, and 36. This vulnerability allows remote unauthenticated users to bypass access controls and search for sensitive data they shouldn't have access to, such as user password hashes.

What should I do if I'm affected?

If you're affected by the CVE-2022-1949 vulnerability, it's crucial to take action to protect your system. Apply the available patches mentioned in the 389-ds-base GitHub issue to mitigate the risk and secure your data.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2022-1949 vulnerability, an access control bypass issue in 389-ds-base, is not listed in CISA's Known Exploited Vulnerabilities Catalog. Although the specific date it was added to the catalog is not provided, the vulnerability was published on June 2, 2022. There is no due date or required action specified, but addressing the vulnerability involves applying available patches and following advisories, solutions, and tools.

Weakness enumeration

The weakness enumeration for this vulnerability is categorized as CWE-639 involves unauthorized access through user-controlled keys, allowing remote users to bypass access controls and search sensitive data. Patches are available to address this issue.

For more details

For a comprehensive analysis of this vulnerability, including its description, severity, technical details, and known affected software configurations, refer to the NVD page or the resources listed below.

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

/

CVE-2022-1949 Report - Details, Severity, & Advisories

CVE-2022-1949 Report - Details, Severity, & Advisories

Twingate Team

May 9, 2024

CVE-2022-1949 is a high-severity access control bypass vulnerability found in the 389-ds-base software. This flaw allows remote unauthenticated users to bypass access controls and search for sensitive database items they do not have access to, potentially exposing user password hashes and other confidential data. Systems affected by this vulnerability include those running specific versions of the 389-ds-base software, as well as certain configurations of Red Hat Directory Server and Red Hat Enterprise Linux.

How do I know if I'm affected?

To determine if you're affected by the CVE-2022-1949 vulnerability, check if you're using any of the following: 389-ds-base versions from 1.3.0.0 up to 2.0.0, Red Hat Directory Server 11.0 and 12.0, Red Hat Enterprise Linux 8.0 and 9.0, or Fedora Project Fedora 34, 35, and 36. This vulnerability allows remote unauthenticated users to bypass access controls and search for sensitive data they shouldn't have access to, such as user password hashes.

What should I do if I'm affected?

If you're affected by the CVE-2022-1949 vulnerability, it's crucial to take action to protect your system. Apply the available patches mentioned in the 389-ds-base GitHub issue to mitigate the risk and secure your data.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2022-1949 vulnerability, an access control bypass issue in 389-ds-base, is not listed in CISA's Known Exploited Vulnerabilities Catalog. Although the specific date it was added to the catalog is not provided, the vulnerability was published on June 2, 2022. There is no due date or required action specified, but addressing the vulnerability involves applying available patches and following advisories, solutions, and tools.

Weakness enumeration

The weakness enumeration for this vulnerability is categorized as CWE-639 involves unauthorized access through user-controlled keys, allowing remote users to bypass access controls and search sensitive data. Patches are available to address this issue.

For more details

For a comprehensive analysis of this vulnerability, including its description, severity, technical details, and known affected software configurations, refer to the NVD page or the resources listed below.

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

CVE-2022-1949 Report - Details, Severity, & Advisories

Twingate Team

May 9, 2024

CVE-2022-1949 is a high-severity access control bypass vulnerability found in the 389-ds-base software. This flaw allows remote unauthenticated users to bypass access controls and search for sensitive database items they do not have access to, potentially exposing user password hashes and other confidential data. Systems affected by this vulnerability include those running specific versions of the 389-ds-base software, as well as certain configurations of Red Hat Directory Server and Red Hat Enterprise Linux.

How do I know if I'm affected?

To determine if you're affected by the CVE-2022-1949 vulnerability, check if you're using any of the following: 389-ds-base versions from 1.3.0.0 up to 2.0.0, Red Hat Directory Server 11.0 and 12.0, Red Hat Enterprise Linux 8.0 and 9.0, or Fedora Project Fedora 34, 35, and 36. This vulnerability allows remote unauthenticated users to bypass access controls and search for sensitive data they shouldn't have access to, such as user password hashes.

What should I do if I'm affected?

If you're affected by the CVE-2022-1949 vulnerability, it's crucial to take action to protect your system. Apply the available patches mentioned in the 389-ds-base GitHub issue to mitigate the risk and secure your data.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2022-1949 vulnerability, an access control bypass issue in 389-ds-base, is not listed in CISA's Known Exploited Vulnerabilities Catalog. Although the specific date it was added to the catalog is not provided, the vulnerability was published on June 2, 2022. There is no due date or required action specified, but addressing the vulnerability involves applying available patches and following advisories, solutions, and tools.

Weakness enumeration

The weakness enumeration for this vulnerability is categorized as CWE-639 involves unauthorized access through user-controlled keys, allowing remote users to bypass access controls and search sensitive data. Patches are available to address this issue.

For more details

For a comprehensive analysis of this vulnerability, including its description, severity, technical details, and known affected software configurations, refer to the NVD page or the resources listed below.