CVE-2012-2746

2012-07-0316:40:00

Debian Security Bug Tracker

security-tracker.debian.org

0.002 Low

EPSS

Percentile

58.2%

JSON

389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), when the password of a LDAP user has been changed and audit logging is enabled, saves the new password to the log in plain text, which allows remote authenticated users to read the password.

OSVersionArchitecturePackageVersionFilename
Debian12all389-ds-base< 2.3.1+dfsg1-1389-ds-base_2.3.1+dfsg1-1_all.deb
Debian11all389-ds-base< 1.4.4.11-2389-ds-base_1.4.4.11-2_all.deb
Debian10all389-ds-base< 1.4.0.21-1389-ds-base_1.4.0.21-1_all.deb
Debian999all389-ds-base< 2.4.5+dfsg1-1389-ds-base_2.4.5+dfsg1-1_all.deb
Debian13all389-ds-base< 2.4.5+dfsg1-1389-ds-base_2.4.5+dfsg1-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	389-ds-base	< 2.3.1+dfsg1-1	389-ds-base_2.3.1+dfsg1-1_all.deb
Debian	11	all	389-ds-base	< 1.4.4.11-2	389-ds-base_1.4.4.11-2_all.deb
Debian	10	all	389-ds-base	< 1.4.0.21-1	389-ds-base_1.4.0.21-1_all.deb
Debian	999	all	389-ds-base	< 2.4.5+dfsg1-1	389-ds-base_2.4.5+dfsg1-1_all.deb
Debian	13	all	389-ds-base	< 2.4.5+dfsg1-1	389-ds-base_2.4.5+dfsg1-1_all.deb

0.002 Low

EPSS

Percentile

58.2%

JSON

Related for DEBIANCVE:CVE-2012-2746