CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
5.1%
The (1) IBM Tivoli Identity Manager Active Directory adapter before 5.1.24 and (2) IBM Security Identity Manager Active Directory adapter before 6.0.14 for IBM Security Identity Manager on Windows, when certain log and trace levels are configured, store the cleartext administrator password in a log file, which allows local users to obtain sensitive information by reading a file.
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | security_identity_manager_active_directory_adapter | * | cpe:2.3:a:ibm:security_identity_manager_active_directory_adapter:*:*:*:*:*:windows:*:* |
ibm | tivoli_identity_manager_active_directory_adapter | * | cpe:2.3:a:ibm:tivoli_identity_manager_active_directory_adapter:*:*:*:*:*:windows:*:* |