CVE-2017-9277

MEDIUM

Novell eDirectory < 9.0 SP4 - Unauthenticated LDAP Connection Reuse

Title source: llm

The LDAP backend in Novell eDirectory before 9.0 SP4 when switched to EBA (Enhanced Background Authentication) kept open connections without EBA.

Core 3

Core References

Vendor Advisory x_refsource_confirm

Various Sources x_refsource_confirm

Issue Tracking x_refsource_confirm

CVSS v3 4.2

EPSS 0.0038

EPSS Percentile 59.3%

Attack Vector ADJACENT_NETWORK

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

Status published

Products (2)

novell/edirectory 9.0 sp1 (3 CPE variants)

novell/edirectory < 9.0

Published Mar 02, 2018

Tracked Since Feb 18, 2026