PatchSiren cyber security CVE debrief

CVE-2026-11790 Red Hat CVE debrief

CVE-2026-11790 is a medium-severity vulnerability in the PBKDF2-SHA256 password storage plugin of 389 Directory Server. The plugin does not enforce an upper bound on the iteration count it reads from a stored password hash, so a privileged attacker who can write a user's password hash can make every authentication against that entry consume excessive CPU, resulting in denial of service. The CVE was published on 2026-06-09 and last modified on 2026-06-12.

Vendor: Red Hat
Product: Red Hat Directory Server 11
CVSS: Medium (4.9)
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-06-09
Original CVE updated: 2026-06-12
Advisory published: 2026-06-09
Advisory updated: 2026-06-12

Who should care

Users of Red Hat Directory Server, 389 Directory Server, and related Red Hat Enterprise Linux versions should be aware of this vulnerability.

Technical summary

The PBKDF2-SHA256 password storage plugin in 389 Directory Server does not enforce an upper bound on the iteration count extracted from stored password hashes. Because the iteration count is taken from the stored value itself, a privileged attacker who can modify a user's password hash can set an arbitrarily large count; each subsequent authentication against that entry then runs that many PBKDF2 rounds, causing excessive CPU consumption and denial of service.
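The following is an added illustration of the defect class described above, not code from 389 Directory Server or Red Hat. It uses a hypothetical storage format ("{PBKDF2-SHA256-EXAMPLE}iterations$salt$hash") and constructed policy bounds (MIN_ITERATIONS, MAX_ITERATIONS), none of which are the project's real values. verify_unbounded shows the vulnerable pattern (the iteration count in the stored hash is trusted as-is); verify_bounded shows the hardened pattern, which rejects a stored hash whose count falls outside policy before any PBKDF2 work is done.

```python
"""Bounded vs. unbounded handling of the PBKDF2 iteration count in stored hashes."""
import base64
import hashlib
import hmac
import logging
from typing import Tuple

log = logging.getLogger("pbkdf2-iteration-bound-example")

# Hypothetical scheme tag and serialisation; NOT the real 389-ds on-disk format.
SCHEME = "{PBKDF2-SHA256-EXAMPLE}"
DK_LEN = 32

# Constructed policy bounds; the project's actual limits are not stated on the page.
MIN_ITERATIONS = 10_000
MAX_ITERATIONS = 1_000_000


def format_stored(iterations: int, salt: bytes, dk: bytes) -> str:
    """Serialise a hash as SCHEME + 'iterations$salt_b64$dk_b64' (assumed format)."""
    return "{}{}${}${}".format(
        SCHEME,
        iterations,
        base64.b64encode(salt).decode("ascii"),
        base64.b64encode(dk).decode("ascii"),
    )


def make_stored(password: str, salt: bytes, iterations: int) -> str:
    """Derive and serialise a hash the way a legitimate password change would."""
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations, DK_LEN)
    return format_stored(iterations, salt, dk)


def parse_stored(stored: str) -> Tuple[int, bytes, bytes]:
    """Split a stored value into (iterations, salt, derived_key)."""
    if not stored.startswith(SCHEME):
        raise ValueError("unknown password storage scheme")
    iterations_str, salt_b64, dk_b64 = stored[len(SCHEME):].split("$")
    return int(iterations_str), base64.b64decode(salt_b64), base64.b64decode(dk_b64)


def iteration_count_in_range(stored: str) -> bool:
    """Policy check: is the iteration count carried by the stored hash acceptable to run?"""
    iterations, _, _ = parse_stored(stored)
    return MIN_ITERATIONS <= iterations <= MAX_ITERATIONS


def verify_unbounded(password: str, stored: str) -> bool:
    """Vulnerable pattern: trusts whatever iteration count the stored hash carries."""
    iterations, salt, dk = parse_stored(stored)
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations, DK_LEN)
    return hmac.compare_digest(candidate, dk)


def verify_bounded(password: str, stored: str) -> bool:
    """Hardened pattern: refuse to run PBKDF2 at all when the count is outside policy."""
    iterations, salt, dk = parse_stored(stored)
    if not MIN_ITERATIONS <= iterations <= MAX_ITERATIONS:
        # Log and fail closed; an out-of-policy count is a corrupt or hostile stored value.
        log.warning("rejecting stored hash with out-of-policy iteration count %d", iterations)
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations, DK_LEN)
    return hmac.compare_digest(candidate, dk)


if __name__ == "__main__":
    import time

    logging.basicConfig(level=logging.WARNING)
    salt = b"constructed-salt"  # constructed sample salt, not from any real deployment
    good = make_stored("correct horse", salt, 50_000)
    print("bounded, normal hash:", verify_bounded("correct horse", good))

    # A stored value written with a huge iteration count; the derived-key field is
    # dummy bytes because no derivation was ever performed for it. The bounded path
    # rejects it instantly; the unbounded path would run 50 million PBKDF2 rounds.
    crafted = format_stored(50_000_000, salt, b"\x00" * DK_LEN)
    t0 = time.perf_counter()
    print("bounded, crafted hash:", verify_bounded("correct horse", crafted),
          f"({time.perf_counter() - t0:.4f}s)")
```

The hardened check is placed before the key derivation, not after, so a hostile count never costs more than a parse. A lower bound is enforced as well, since a count below policy weakens the hash rather than overloading the server.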

Defensive priority

Medium

Recommended defensive actions

  • Apply the patches or updates provided by Red Hat that address this vulnerability.
  • Limit the set of privileged accounts that are able to write stored password hashes.
  • Monitor authentication activity and server CPU usage for signs of abuse, such as bind operations against particular entries taking disproportionately long.

Evidence notes

CVE-2026-11790 was published on 2026-06-09 and last modified on 2026-06-12. The vulnerability affects multiple versions of Red Hat Directory Server and Red Hat Enterprise Linux.

Official resources

CVE-2026-11790 was published on 2026-06-09T14:16:37.197Z and modified on 2026-06-12T18:21:26.787Z.