CVE-2010-3264

CWE-2554 documents4 sources

Severity

2.1LOW

EPSS

0.1%

top 81.40%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Novell Identity Manager

Timeline

PublishedSep 8

Latest updateMay 17

Description

The engine installer in Novell Identity Manager (aka IDM) 3.6.1 stores admin tree credentials in /tmp/idmInstall.log, which allows local users to obtain sensitive information by reading this file.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

▶NVDnovell/identity_manager3.6.1

🔴Vulnerability Details

GHSA

GHSA-fx8w-4hhx-chxq: The engine installer in Novell Identity Manager (aka IDM) 3↗2022-05-17

▶

CVEList

CVE-2010-3264: The engine installer in Novell Identity Manager (aka IDM) 3↗2010-09-08

▶

💬Community

Bugzilla

CVE-2010-4531 pcsc-lite: Stack-based buffer overflow in Answer-to-Reset (ATR) decoder↗2010-12-22

▶