2 matches found
Security Bulletin: Storwize V7000 Unified documentation update available for configuration of Storwize V7000 Unified with LDAP authentication (CVE-2012-0706)
Abstract Storwize V7000 Unified includes a version of the LDAP client which stores the username and the password of the LDAP user in clear text in the local file system. Content VULNERABILITY DETAILS: CVE ID: CVE-2012-0706 DESCRIPTION: Storwize V7000 Unified requires LDAP username called binddn a...
CVE-2012-0706
CVE-2012-0706 affects IBM Scale Out NAS (SONAS) 1.3 prior to 1.3.2.3. The embedded LDAP client stores LDAP bind DN and password in cleartext on the local filesystem, enabling an attacker with root access to obtain credentials and potentially access the external LDAP server. IBM notes no vendor fi...