CVE
CVE-2019-13565
| CVE ID |
CVE-2019-13565
|
|---|---|
| CVSS Score |
7.5
|
| Operating System | |
| Affected Versions | |
| Patched Versions | |
| Patch Date |
|
| Last Updated Date | |
| Vector String |
Additional Information
OL CVE Issue Summary:
When using SASL authentication and session encryption, and relying on the security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs. After the first SASL bind is completed, the sasl_ssf value is retained for all new non-SASL connections. Depending on the ACL configuration, this can affect different types of operations (searches, modifications, etc.).
In other words, a successful authorization step completed by one user affects the authorization requirement for a different user.