CVE-2018-10871

CWE-312 — Cleartext Storage of Sensitive Info8 documents7 sources

Severity

7.2HIGH

EPSS

0.4%

top 42.01%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Fedoraproject 389 Directory Server [unknown] 389-ds-base Debian Debian Linux

Timeline

PublishedJul 18

Latest updateMay 13

Description

389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a Cleartext Storage of Sensitive Information. By default, when the Replica and/or retroChangeLog plugins are enabled, 389-ds-base stores passwords in plaintext format in their respective changelog files. An attacker with sufficiently high privileges, such as root or Directory Manager, can query these files in order to retrieve plaintext passwords.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:NExploitability: 1.2 | Impact: 2.5

Affected Packages3 packages

▶Debian389-ds-base< 1.4.0.15-1+2

▶CVEListV5[unknown]/389-ds-base389-ds-base 1.3.8.5, 389-ds-base 1.4.0.12+1

▶NVDfedoraproject/389_directory_server1.4.0.0 — 1.4.0.12+1

Also affects: Debian Linux 8.0

🔴Vulnerability Details

GHSA

GHSA-pxxp-9p24-326h: 389-ds-base before versions 1↗2022-05-13

▶

OSV

CVE-2018-10871: 389-ds-base before versions 1↗2018-07-18

▶

CVEList

CVE-2018-10871: 389-ds-base before versions 1↗2018-07-18

▶

📋Vendor Advisories

Red Hat

389-ds-base: replication and the Retro Changelog plugin store plaintext password by default↗2018-06-18

▶

Debian

CVE-2018-10871: 389-ds-base - 389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a Cleartext Stora...↗2018

▶

💬Community

Bugzilla

CVE-2018-10871 389-ds-base: replication and the Retro Changelog plugin store plaintext password by default [fedora-all]↗2018-06-18

▶

Bugzilla

CVE-2018-10871 389-ds-base: replication and the Retro Changelog plugin store plaintext password by default↗2018-06-14

▶