← Back

CVE-2012-2668

nvd nist
Published: Jun 17, 2012Modified: Apr 29, 2026

JSON object

Loading...
4.3
Vector
AV:N/AC:M/Au:N/C:P/I:N/A:N
Exploitability: 8.6 / Impact: 2.9
Source: NVD

Description

libraries/libldap/tls_m.c in OpenLDAP, possibly 2.4.31 and earlier, when using the Mozilla NSS backend, always uses the default cipher suite even when TLSCipherSuite is set, which might cause OpenLDAP to use weaker ciphers than intended and make it easier for remote attackers to obtain sensitive information.

Affected (26)

Products: Openldap: Openldap
Openldap
1 product
Openldap
Configuration A
26 vulnerable
Vulnerable SoftwareAffected Versions
Openldap
Openldap
Up to 2.4.31
Openldap
Version 2.4.10
Openldap
Version 2.4.11
Openldap
Version 2.4.12
Openldap
Version 2.4.13
Openldap
Version 2.4.14
Openldap
Version 2.4.15
Openldap
Version 2.4.16
Openldap
Version 2.4.17
Openldap
Version 2.4.18
Openldap
Version 2.4.19
Openldap
Version 2.4.20
Openldap
Version 2.4.21
Openldap
Version 2.4.22
Openldap
Version 2.4.23
Openldap
Version 2.4.24
Openldap
Version 2.4.25
Openldap
Version 2.4.26
Openldap
Version 2.4.27
Openldap
Version 2.4.28
Openldap
Version 2.4.29
Openldap
Version 2.4.30
Openldap
Version 2.4.6
Openldap
Version 2.4.7
Openldap
Version 2.4.8
Openldap
Version 2.4.9

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (30)

Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.