CVE-2012-2668

N/A Unknown

Published: June 17, 2012 Modified: April 29, 2026

Description

libraries/libldap/tls_m.c in OpenLDAP, possibly 2.4.31 and earlier, when using the Mozilla NSS backend, always uses the default cipher suite even when TLSCipherSuite is set, which might cause OpenLDAP to use weaker ciphers than intended and make it easier for remote attackers to obtain sensitive information.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=676309

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2012-1151.html

Source: secalert@redhat.com

http://seclists.org/fulldisclosure/2019/Dec/26

Source: secalert@redhat.com

http://security.gentoo.org/glsa/glsa-201406-36.xml

Source: secalert@redhat.com

http://www.openldap.org/devel/gitweb.cgi?p=openldap.git%3Ba=commitdiff%3Bh=2c2bb2e

Source: secalert@redhat.com

http://www.openldap.org/its/index.cgi?findid=7285

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2012/06/05/4

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2012/06/06/1

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2012/06/06/2

Source: secalert@redhat.com

http://www.securityfocus.com/bid/53823

Source: secalert@redhat.com

http://www.securitytracker.com/id?1027127

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=825875

Source: secalert@redhat.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/76099

Source: secalert@redhat.com

https://seclists.org/bugtraq/2019/Dec/23

Source: secalert@redhat.com

https://support.apple.com/kb/HT210788

Source: secalert@redhat.com

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=676309

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2012-1151.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://seclists.org/fulldisclosure/2019/Dec/26

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.gentoo.org/glsa/glsa-201406-36.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openldap.org/devel/gitweb.cgi?p=openldap.git%3Ba=commitdiff%3Bh=2c2bb2e

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openldap.org/its/index.cgi?findid=7285

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2012/06/05/4

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2012/06/06/1

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2012/06/06/2

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/53823

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1027127

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=825875

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/76099

Source: af854a3a-2127-422b-91ae-364da2661108

https://seclists.org/bugtraq/2019/Dec/23

Source: af854a3a-2127-422b-91ae-364da2661108

https://support.apple.com/kb/HT210788

Source: af854a3a-2127-422b-91ae-364da2661108

30 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

4.1%

90th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-200

Affected Vendors

openldap

Related CVEs

CVE-2026-9677 N/A

CVE-2026-13245 6.1

CVE-2026-12404 5.3

CVE-2026-10820 N/A

CVE-2026-12415 9.8