BDU:2025-03459

Scores

EPSS

0.000none0.0%

0%20%40%60%80%100%

Percentile: 0.0%

CVSS

5.7medium3.x

0246810

CVSS Score: 5.7/10

All CVSS Scores

CVSS 3.x

5.7

Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVSS 2.0

5.5

Vector: AV:A/AC:L/Au:S/C:N/I:N/A:C

Description

Уязвимость компонента Hash Handler пакета 389-ds-base связана с недостаточной проверкой хэшей паролей. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать отказ в обслуживании

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.

Learn more about Scaner-VS 7

Sources

bdu

Related Vulnerabilities

CVE-2024-5953

Reference Links

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-5953

https://redos.red-soft.ru/support/secure/

https://access.redhat.com/security/cve/CVE-2024-5953

https://bugzilla.redhat.com/show_bug.cgi?id=2292104

http://repo.red-soft.ru/redos/7.3c/x86_64/updates/

https://www.suse.com/security/cve/CVE-2024-5953.html

https://security-tracker.debian.org/tracker/CVE-2024-5953

https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0811SE18

https://wiki.astralinux.ru/astra-linux-se17-bulletin-2025-0923SE17

Recommendations

Source: bdu

Использование рекомендаций:
Для программных продуктов Red Hat Inc.:
https://access.redhat.com/security/cve/CVE-2024-5953
https://bugzilla.redhat.com/show_bug.cgi?id=2292104

Для РедОС:
http://repo.red-soft.ru/redos/7.3c/x86_64/updates/

Для программных продуктов Novell Inc.:
https://www.suse.com/security/cve/CVE-2024-5953.html

Для программных продуктов Debian GNU/Linux:
https://security-tracker.debian.org/tracker/CVE-2024-5953

Для ОС Astra Linux:
обновить пакет 389-ds-base до 2.4.5+dfsg1-1.astra3 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0811SE18

Для ОС Astra Linux:
обновить пакет 389-ds-base до 2.4.5+dfsg1-1.astra2~7 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2025-0923SE17

URL: https://bdu.fstec.ru/vul/2025-03459

Vulnerable Software (216)

Type: Configuration

Vendor: novell inc.

Product: suse enterprise storage

Operating System: debian gnu/linux 11

Trait:

{  "version_exact": "7.1"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse enterprise storage

Operating System: debian gnu/linux 12

Trait:

{  "version_exact": "7.1"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse enterprise storage

Operating System: suse liberty linux 9

Trait:

{  "version_exact": "7.1"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse enterprise storage

Operating System: suse linux enterprise server 15 SP4-LTSS

Trait:

{  "version_exact": "7.1"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse enterprise storage

Operating System: astra 1.8

Trait:

{  "version_exact": "7.1"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse enterprise storage

Operating System: astra 1.7

Trait:

{  "version_exact": "7.1"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse enterprise storage

Operating System: suse linux enterprise server for sap applications 15 SP3

Trait:

{  "version_exact": "7.1"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse enterprise storage

Operating System: suse linux enterprise server 15 SP5

Trait:

{  "version_exact": "7.1"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse enterprise storage

Operating System: suse liberty linux 8

Trait:

{  "version_exact": "7.1"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse enterprise storage

Operating System: suse linux enterprise server 15 SP6

Trait:

{  "version_exact": "7.1"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server 15 SP4-LTSS

Trait:

{  "version_exact": "15 SP4-ESPOS"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server 15 SP4-LTSS

Trait:

{  "version_exact": "15 SP4-LTSS"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server 15 SP4-LTSS

Trait:

{  "version_exact": "15 SP6"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server 15 SP4-LTSS

Trait:

{  "version_exact": "15 SP3-LTSS"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server 15 SP4-LTSS

Trait:

{  "version_exact": "15 SP5"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server for sap applications 15 SP3

Trait:

{  "version_exact": "15 SP4-ESPOS"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server for sap applications 15 SP3

Trait:

{  "version_exact": "15 SP4-LTSS"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server for sap applications 15 SP3

Trait:

{  "version_exact": "15 SP6"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server for sap applications 15 SP3

Trait:

{  "version_exact": "15 SP3-LTSS"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server for sap applications 15 SP3

Trait:

{  "version_exact": "15 SP5"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server 15 SP5

Trait:

{  "version_exact": "15 SP4-ESPOS"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server 15 SP5

Trait:

{  "version_exact": "15 SP4-LTSS"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server 15 SP5

Trait:

{  "version_exact": "15 SP3-LTSS"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server 15 SP6

Trait:

{  "version_exact": "15 SP4-ESPOS"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server 15 SP6

Trait:

{  "version_exact": "15 SP4-LTSS"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server 15 SP6

Trait:

{  "version_exact": "15 SP3-LTSS"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server for sap applications 15 SP5

Trait:

{  "version_exact": "15 SP4-ESPOS"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server for sap applications 15 SP5

Trait:

{  "version_exact": "15 SP4-LTSS"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server for sap applications 15 SP5

Trait:

{  "version_exact": "15 SP6"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server for sap applications 15 SP5

Trait:

{  "version_exact": "15 SP3-LTSS"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server for sap applications 15 SP5

Trait:

{  "version_exact": "15 SP5"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server for sap applications 15 SP4

Trait:

{  "version_exact": "15 SP4-ESPOS"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server for sap applications 15 SP4

Trait:

{  "version_exact": "15 SP4-LTSS"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server for sap applications 15 SP4

Trait:

{  "version_exact": "15 SP6"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server for sap applications 15 SP4

Trait:

{  "version_exact": "15 SP3-LTSS"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server for sap applications 15 SP4

Trait:

{  "version_exact": "15 SP5"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server 15 SP3-LTSS

Trait:

{  "version_exact": "15 SP4-ESPOS"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server 15 SP3-LTSS

Trait:

{  "version_exact": "15 SP4-LTSS"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server 15 SP3-LTSS

Trait:

{  "version_exact": "15 SP6"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server 15 SP3-LTSS

Trait:

{  "version_exact": "15 SP3-LTSS"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server 15 SP3-LTSS

Trait:

{  "version_exact": "15 SP5"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server for sap applications 15 SP6

Trait:

{  "version_exact": "15 SP4-ESPOS"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server for sap applications 15 SP6

Trait:

{  "version_exact": "15 SP4-LTSS"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server for sap applications 15 SP6

Trait:

{  "version_exact": "15 SP6"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server for sap applications 15 SP6

Trait:

{  "version_exact": "15 SP3-LTSS"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise high performance computing

Operating System: suse linux enterprise server for sap applications 15 SP6

Trait:

{  "version_exact": "15 SP5"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise module for server applications

Operating System: suse linux enterprise server 15 SP4-LTSS

Trait:

{  "version_exact": "15 SP5"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise module for server applications

Operating System: suse linux enterprise server 15 SP4-LTSS

Trait:

{  "version_exact": "15 SP6"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise module for server applications

Operating System: suse linux enterprise server for sap applications 15 SP3

Trait:

{  "version_exact": "15 SP5"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise module for server applications

Operating System: suse linux enterprise server for sap applications 15 SP3

Trait:

{  "version_exact": "15 SP6"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise module for server applications

Operating System: suse linux enterprise server 15 SP5

Trait:

{  "version_exact": "15 SP5"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise module for server applications

Operating System: suse linux enterprise server 15 SP5

Trait:

{  "version_exact": "15 SP6"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise module for server applications

Operating System: suse linux enterprise server 15 SP6

Trait:

{  "version_exact": "15 SP5"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise module for server applications

Operating System: suse linux enterprise server 15 SP6

Trait:

{  "version_exact": "15 SP6"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise module for server applications

Operating System: suse linux enterprise server for sap applications 15 SP5

Trait:

{  "version_exact": "15 SP5"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise module for server applications

Operating System: suse linux enterprise server for sap applications 15 SP5

Trait:

{  "version_exact": "15 SP6"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise module for server applications

Operating System: suse linux enterprise server for sap applications 15 SP4

Trait:

{  "version_exact": "15 SP5"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise module for server applications

Operating System: suse linux enterprise server for sap applications 15 SP4

Trait:

{  "version_exact": "15 SP6"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise module for server applications

Operating System: suse linux enterprise server 15 SP3-LTSS

Trait:

{  "version_exact": "15 SP5"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise module for server applications

Operating System: suse linux enterprise server 15 SP3-LTSS

Trait:

{  "version_exact": "15 SP6"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise module for server applications

Operating System: suse linux enterprise server for sap applications 15 SP6

Trait:

{  "version_exact": "15 SP5"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse linux enterprise module for server applications

Operating System: suse linux enterprise server for sap applications 15 SP6

Trait:

{  "version_exact": "15 SP6"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse manager retail branch server

Operating System: suse linux enterprise server for sap applications 15 SP3

Trait:

{  "version_exact": "4.3"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse manager retail branch server

Operating System: suse linux enterprise server for sap applications 15 SP5

Trait:

{  "version_exact": "4.3"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse manager retail branch server

Operating System: suse linux enterprise server for sap applications 15 SP4

Trait:

{  "version_exact": "4.3"}

Source: bdu

Type: Configuration

Vendor: novell inc.

Product: suse manager retail branch server

Operating System: suse linux enterprise server for sap applications 15 SP6

Trait:

{  "version_exact": "4.3"}

Source: bdu

Type: Configuration

Vendor: red hat inc.

Product: 389-ds-base

Operating System: suse linux enterprise server 15 SP4-LTSS

Trait:

{  "version_end_excluding": "2.5.1",  "version_start_including": "1.3.7"}

Source: bdu

Type: Configuration

Vendor: red hat inc.

Product: 389-ds-base

Operating System: suse linux enterprise server for sap applications 15 SP3

Trait:

{  "version_end_excluding": "2.5.1",  "version_start_including": "1.3.7"}

Source: bdu

Type: Configuration

Vendor: red hat inc.

Product: 389-ds-base

Operating System: suse linux enterprise server 15 SP5

Trait:

{  "version_end_excluding": "2.5.1",  "version_start_including": "1.3.7"}

Source: bdu

Type: Configuration

Vendor: red hat inc.

Product: 389-ds-base

Operating System: suse linux enterprise server 15 SP6

Trait:

{  "version_end_excluding": "2.5.1",  "version_start_including": "1.3.7"}

Source: bdu

Type: Configuration

Vendor: red hat inc.

Product: 389-ds-base

Operating System: suse linux enterprise server for sap applications 15 SP5

Trait:

{  "version_end_excluding": "2.5.1",  "version_start_including": "1.3.7"}

Source: bdu

Type: Configuration

Vendor: red hat inc.

Product: 389-ds-base

Operating System: suse linux enterprise server for sap applications 15 SP4

Trait:

{  "version_end_excluding": "2.5.1",  "version_start_including": "1.3.7"}

Source: bdu

Type: Configuration

Vendor: red hat inc.

Product: 389-ds-base

Operating System: suse linux enterprise server 15 SP3-LTSS

Trait:

{  "version_end_excluding": "2.5.1",  "version_start_including": "1.3.7"}

Source: bdu

Type: Configuration

Vendor: red hat inc.

Product: 389-ds-base

Operating System: suse linux enterprise server for sap applications 15 SP6

Trait:

{  "version_end_excluding": "2.5.1",  "version_start_including": "1.3.7"}

Source: bdu

Russian Vulnerability Scanner Database

BDU:2025-03459

Scores

EPSS

CVSS

All CVSS Scores

Vector Breakdown

CVSS

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Vector Breakdown

CVSS

Attack Vector

Attack Complexity

Authentication

Confidentiality Impact

Integrity Impact

Availability Impact

Description

Scaner-VS 7 — a modern vulnerability management solution

Sources

Related Vulnerabilities

Reference Links

Recommendations

Vulnerable Software (216)