CVE-2020-15719

libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux.
Configurations

Configuration 1 (hide)

cpe:2.3:a:openldap:openldap:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:a:mcafee:policy_auditor:*:*:*:*:*:*:*:*

Configuration 5 (hide)

cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-07-14 14:15

Updated : 2024-02-28 17:47


NVD link : CVE-2020-15719

Mitre link : CVE-2020-15719

CVE.ORG link : CVE-2020-15719


JSON object : View

Products Affected

oracle

  • blockchain_platform

mcafee

  • policy_auditor

openldap

  • openldap

opensuse

  • leap

redhat

  • enterprise_linux
CWE
CWE-295

Improper Certificate Validation