What is CVE-2024-5953?

CVE-2024-5953 is a medium-severity vulnerability in Red Hat Directory Server 11.5 E4s For Rhel 8, classified under CWE-1288. CVSS score: 5.7/10. Published 2024-06-18.

How severe is CVE-2024-5953?

Medium severity. CVSS v3 base score is 5.7 out of 10.

Is CVE-2024-5953 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Red Hat Directory Server 11.5 E4s For Rhel 8

CVE-2024-5953

A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with a malformed hash in their password.

EPSS: 0.001 (30.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.7 (Medium). Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H.

Affected products

Red Hat Directory Server 11.5 E4s For Rhel 8 — versions 8060020250210084424.0ca98e7e
Red Hat Directory Server 11.7 For Rhel 8 — versions 8080020240909040333.f969626e
Red Hat Directory Server 11.9 For Rhel 8 — versions 8100020240902112955.37ed7c03
Red Hat Directory Server 12.2 Eus For Rhel 9 — versions 9020020240916150035.1674d574
Red Hat Directory Server 12.4 For Rhel 9 — versions 9040020240723122852.1674d574
Red Hat Enterprise Linux 10
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7 Extended Lifecycle Support — versions 0:1.3.11.1-6.el7_9
Red Hat Enterprise Linux 8 — versions 8100020240910065753.25e700aa
Red Hat Enterprise Linux 8.8 Extended Update Support — versions 8080020240807050952.6dbb3803

Weakness classification (CWE)

CWE-1288

Public proof-of-concept exploits

fkie-cad/nvd-json-data-feeds

References

RHSA-2024:4633 (vendor-advisory, x_refsource_REDHAT)
RHSA-2024:4997 (vendor-advisory, x_refsource_REDHAT)
RHSA-2024:5192 (vendor-advisory, x_refsource_REDHAT)
RHSA-2024:5690 (vendor-advisory, x_refsource_REDHAT)
RHSA-2024:6153 (vendor-advisory, x_refsource_REDHAT)
RHSA-2024:6568 (vendor-advisory, x_refsource_REDHAT)
RHSA-2024:6569 (vendor-advisory, x_refsource_REDHAT)
RHSA-2024:6576 (vendor-advisory, x_refsource_REDHAT)
RHSA-2024:7458 (vendor-advisory, x_refsource_REDHAT)
RHSA-2025:1632 (vendor-advisory, x_refsource_REDHAT)

Frequently asked questions

What is CVE-2024-5953?: CVE-2024-5953 is a medium-severity vulnerability in Red Hat Directory Server 11.5 E4s For Rhel 8, classified under CWE-1288. CVSS score: 5.7/10. Published 2024-06-18.
How severe is CVE-2024-5953?: Medium severity. CVSS v3 base score is 5.7 out of 10.
Is CVE-2024-5953 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.