Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The LDAP_ADD implementation in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-IF0009 stores a cleartext SHA password in the change log, which might allow local users to obtain sensitive information by reading this log.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Tivoli Directory Server LDAP_ADD实现敏感信息泄露漏洞
Vulnerability Description
IBM Tivoli Directory Server(ITDS,现称IBM Security Directory Server,ISDS)是美国IBM公司的一套使用了轻量级目录访问协议(LDAP)的企业身份管理软件。该软件提供一个可信的身份数据基础架构,用于进行身份验证。 IBM Tivoli Directory Server(TDS)5.2.0.5-TIV-ITDS-LA0009之前的5.2版本中的LDAP_ADD实现在更改日志中存储了明文SHA密码。本地用户可以通过读取该日志,获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A