389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a Cleartext
Storage of Sensitive Information. By default, when the Replica and/or
retroChangeLog plugins are enabled, 389-ds-base stores passwords in
plaintext format in their respective changelog files. An attacker with
sufficiently high privileges, such as root or Directory Manager, can query
these files in order to retrieve plaintext passwords.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | 389-ds-base | < any | UNKNOWN |
ubuntu | 16.04 | noarch | 389-ds-base | < any | UNKNOWN |