Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a Cleartext Storage of Sensitive Information. By default, when the Replica and/or retroChangeLog plugins are enabled, 389-ds-base stores passwords in plaintext format in their respective changelog files. An attacker with sufficiently high privileges, such as root or Directory Manager, can query these files in order to retrieve plaintext passwords.
CVSS Information
N/A
Vulnerability Type
敏感数据的明文存储
Vulnerability Title
Red Hat 389-ds-base 安全漏洞
Vulnerability Description
Red Hat 389-ds-base是美国红帽(Red Hat)公司的一个包括了Linux目录服务器和服务器管理命令行程序的软件包。 Red Hat 389-ds-base 1.3.8.5之前版本和1.4.0.12之前版本中存在安全漏洞,该漏洞源于程序将密码以明文形式储存在各自的日志更新文件中。攻击者可利用该漏洞查询文件,从而检索明文密码。
CVSS Information
N/A
Vulnerability Type
N/A