CVE-2021-3514 - Vulnerability Details - OpenCVE

When using a sync_repl client in 389-ds-base, an authenticated attacker can cause a NULL pointer dereference using a specially crafted query, causing a crash.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Redhat	389 Directory Server Directory Server Enterprise Linux Rhel Eus

Configuration 1 [-]

cpe:2.3:o:redhat:389_directory_server:-:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat Directory Server 11.3 for RHEL 8
redhat-ds:11-8040020220114174559.d9abee45	cpe:/a:redhat:directory_server:11.3::el8	RHSA-2022:0952	2022-03-16T00:00:00Z
Red Hat Directory Server 11.4 for RHEL 8
redhat-ds:11-8050020210920153716.d3df4063	cpe:/a:redhat:directory_server:11.4::el8	RHSA-2021:3955	2021-10-25T00:00:00Z
Red Hat Enterprise Linux 8
389-ds:1.4-8040020210616143519.96015a92	cpe:/a:redhat:enterprise_linux:8	RHSA-2021:2595	2021-06-29T00:00:00Z
Red Hat Enterprise Linux 8.2 Extended Update Support
389-ds:1.4-8020020210515224321.dbc46ba7	cpe:/a:redhat:rhel_eus:8.2	RHSA-2021:2796	2021-07-21T00:00:00Z

References

Link	Providers
https://github.com/389ds/389-ds-base/issues/4711
https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html
https://nvd.nist.gov/vuln/detail/CVE-2021-3514
https://www.cve.org/CVERecord?id=CVE-2021-3514

History

Mon, 14 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00104}`	epss `{'score': 0.00103}`

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2021-05-28T00:00:00

Updated: 2024-08-03T16:53:17.927Z

Reserved: 2021-04-27T00:00:00

Link: CVE-2021-3514

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-05-28T15:15:09.253

Modified: 2024-11-21T06:21:43.637

Link: CVE-2021-3514

Redhat

Severity : Moderate

Publid Date: 2021-04-01T00:00:00Z

Links: CVE-2021-3514 - Bugzilla

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:389_directory_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "A861110D-0BBC-4052-BBFD-F718F6CD72C5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "When using a sync_repl client in 389-ds-base, an authenticated attacker can cause a NULL pointer dereference using a specially crafted query, causing a crash."}, {"lang": "es", "value": "Cuando es usado un cliente sync_repl en 389-ds-base, un atacante autenticado puede causar una desreferencia del puntero NULL usando una consulta especialmente dise\u00f1ada, causando un bloqueo"}], "id": "CVE-2021-3514", "lastModified": "2024-11-21T06:21:43.637", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-05-28T15:15:09.253", "references": [{"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://github.com/389ds/389-ds-base/issues/4711"}, {"source": "secalert@redhat.com", "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/389ds/389-ds-base/issues/4711"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "secalert@redhat.com", "type": "Secondary"}]}

{"acknowledgement": "Red Hat would like to thank Thierry Bordaz for reporting this issue.", "affected_release": [{"advisory": "RHSA-2022:0952", "cpe": "cpe:/a:redhat:directory_server:11.3::el8", "package": "redhat-ds:11-8040020220114174559.d9abee45", "product_name": "Red Hat Directory Server 11.3 for RHEL 8", "release_date": "2022-03-16T00:00:00Z"}, {"advisory": "RHSA-2021:3955", "cpe": "cpe:/a:redhat:directory_server:11.4::el8", "package": "redhat-ds:11-8050020210920153716.d3df4063", "product_name": "Red Hat Directory Server 11.4 for RHEL 8", "release_date": "2021-10-25T00:00:00Z"}, {"advisory": "RHSA-2021:2595", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "389-ds:1.4-8040020210616143519.96015a92", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-06-29T00:00:00Z"}, {"advisory": "RHSA-2021:2796", "cpe": "cpe:/a:redhat:rhel_eus:8.2", "package": "389-ds:1.4-8020020210515224321.dbc46ba7", "product_name": "Red Hat Enterprise Linux 8.2 Extended Update Support", "release_date": "2021-07-21T00:00:00Z"}], "bugzilla": {"description": "389-ds-base: sync_repl NULL pointer dereference in sync_create_state_control()", "id": "1952907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1952907"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-476", "details": ["When using a sync_repl client in 389-ds-base, an authenticated attacker can cause a NULL pointer dereference using a specially crafted query, causing a crash.", "A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. The highest threat from this vulnerability is to system availability."], "name": "CVE-2021-3514", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "389-ds-base", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "389-ds-base", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "389-ds-base", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2021-04-01T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-3514\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-3514\nhttps://github.com/389ds/389-ds-base/issues/4711"], "statement": "Red Hat Identity Management is affected by this flaw, as Content Synchronization is enabled by default.", "threat_severity": "Moderate"}