Unrated severityNVD Advisory· Published Jan 9, 2020· Updated Aug 7, 2024
CVE-2010-3282
CVE-2010-3282
Description
389 Directory Server before 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server before B.08.10.03, when audit logging is enabled, logs the Directory Manager password (nsslapd-rootpw) in cleartext when changing cn=config:nsslapd-rootpw, which might allow local users to obtain sensitive information by reading the log.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3<B.08.10.03+ 1 more
- (no CPE)range: <B.08.10.03
- (no CPE)range: before B.08.10.03
- Range: before 1.2.7.1
Patches
Vulnerability mechanics
References
4- oval.mitre.org/repository/data/getDefmitrevdb-entrysignaturex_refsource_OVAL
- bugzilla.redhat.com/show_bug.cgimitrex_refsource_CONFIRM
- git.fedorahosted.org/cgit/389/ds.git/commit/mitrex_refsource_CONFIRM
- support.hpe.com/hpsc/doc/public/displaymitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.