CVE-2024-8445

Summary

CVE-2024-8445 is a cybersecurity vulnerability affecting specific versions of the 389-ds-base, which was initially addressed by CVE-2024-2199 but inadequately resolved all scenarios. This flaw allows an authenticated user to potentially crash the server by providing malformed input while modifying the userPassword. The vulnerability has been rated with a medium severity score of 5.7, with a high availability impact and low privileges required for exploitation, indicating that it can be triggered from an adjacent network without user interaction. To remediate this issue, organizations should update their affected products, identified as 'QtrxP-' and 'JkTaiV', to the latest versions that address this vulnerability. If left unaddressed, it poses a risk of downtime and service disruption for organizations relying on these systems.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.