CVE-2012-2746
published 2012-07-03CVE-2012-2746: 389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), when the password of a LDAP user has been changed and audit logging is…
low2.1CVSS 3.1
AVNACHAuSCPINAN
389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), when the password of a LDAP user has been changed and audit logging is enabled, saves the new password to the log in plain text, which allows remote authenticated users to read the password.
Affected
27 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | 389-ds-base | — | — |
| fedoraproject | 389_directory_server | <= 1.2.11.5 | — |
| fedoraproject | 389_directory_server | — | — |
| fedoraproject | 389_directory_server | — | — |
| fedoraproject | 389_directory_server | — | — |
| fedoraproject | 389_directory_server | — | — |
| fedoraproject | 389_directory_server | — | — |
| fedoraproject | 389_directory_server | — | — |
| fedoraproject | 389_directory_server | — | — |
| fedoraproject | 389_directory_server | — | — |
| fedoraproject | 389_directory_server | — | — |
| fedoraproject | 389_directory_server | — | — |
| fedoraproject | 389_directory_server | — | — |
| fedoraproject | 389_directory_server | — | — |
| fedoraproject | 389_directory_server | — | — |
| fedoraproject | 389_directory_server | — | — |
| fedoraproject | 389_directory_server | — | — |
| fedoraproject | 389_directory_server | — | — |
| fedoraproject | 389_directory_server | — | — |
| fedoraproject | 389_directory_server | — | — |
| fedoraproject | 389_directory_server | — | — |
| fedoraproject | 389_directory_server | — | — |
| port389 | 389-ds-base | >= 0 < 1.3.2.16-0ubuntu1 | 1.3.2.16-0ubuntu1 |
| redhat | directory_server | <= 8.2 | — |
| redhat | directory_server | — | — |
CVSS provenance
nvd2.1LOWAV:N/AC:H/Au:S/C:P/I:N/A:N
osv2.1LOW