VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Jul 3, 2012· Updated Apr 29, 2026

CVE-2012-2746

CVE-2012-2746

Description

389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), when the password of a LDAP user has been changed and audit logging is enabled, saves the new password to the log in plain text, which allows remote authenticated users to read the password.

Affected products

42
  • Red Hat/Directory Server4 versions
    cpe:2.3:a:redhat:directory_server:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:redhat:directory_server:*:*:*:*:*:*:*:*range: <=8.2
    • cpe:2.3:a:redhat:directory_server:7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:directory_server:8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:directory_server:8.1:*:*:*:*:*:*:*
  • Fedoraproject/389 Directory Server38 versions
    cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*+ 37 more
    • cpe:2.3:a:fedoraproject:389_directory_server:*:*:*:*:*:*:*:*range: <=1.2.11.5
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc1:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc2:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc3:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.5:rc4:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:a2:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:a3:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:a4:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc1:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc2:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc3:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc6:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.6:rc7:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.7:alpha3:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.7.5:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.8:alpha1:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.8:alpha2:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.8:alpha3:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.8:rc1:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.8:rc2:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.8.1:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.8.2:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.8.3:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.9.9:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.10:alpha8:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.10:rc1:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.10.1:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.10.2:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.10.3:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.10.4:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.10.7:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.2.11.1:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

11

News mentions

0

No linked articles in our index yet.