{"id":"CVE-2015-1854","details":"389 Directory Server before 1.3.3.10 allows attackers to bypass intended access restrictions and modify directory entries via a crafted ldapmodrdn call.","modified":"2026-04-16T06:17:15.975771391Z","published":"2017-09-19T15:29:00Z","related":["openSUSE-SU-2024:10157-1"],"references":[{"type":"ADVISORY","url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157069.html"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/74392"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2015:0895"},{"type":"ADVISORY","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1209573"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2018/07/msg00018.html"},{"type":"ARTICLE","url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157069.html"},{"type":"ARTICLE","url":"https://lists.debian.org/debian-lts-announce/2018/07/msg00018.html"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1209573"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}]}