Skip to main content
Version: latest

CVE-2015-3276

CVE Details

Visit the official vulnerability details page for CVE-2015-3276 to learn more.

Initial Publication

01/20/2025

Last Update

09/02/2025

Third Party Dependency

libldap-2.5-0

NIST CVE Summary

The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.

CVE Severity

7.5

Our Official Summary

This is a high-severity vulnerability in OpenLDAP, specifically in the nss_parse_ciphers function within libraries/libldap/tls_m.c. This function fails to correctly parse OpenSSL-style multi-keyword cipher strings, potentially leading to the unintended use of weaker ciphers. As a result, remote attackers could exploit this flaw to compromise the integrity of encrypted communications.

Risk of exploitation is low for our products as attacker has to gain privilged access to the container and run code on the container to be able to exploit this. Probability of exploitation is very low. If a fix becomes available upstream, that will be adopted to fix this vulnerability.

Status

Ongoing

Affected Products & Versions

VersionPalette EnterprisePalette Enterprise AirgapVerteXVerteX Airgap
4.7.16⚠️ Impacted✅ No Impact⚠️ Impacted✅ No Impact
4.6.41⚠️ Impacted✅ No Impact⚠️ Impacted✅ No Impact
4.5.22⚠️ Impacted✅ No Impact⚠️ Impacted✅ No Impact

Revision History

DateRevision
05/29/2025Status changed from Open to Ongoing
05/29/2025Official summary added