VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Mar 10, 2015· Updated May 6, 2026

CVE-2014-8112

CVE-2014-8112

Description

389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x before 1.3.3.9 stores "unhashed" passwords even when the nsslapd-unhashed-pw-switch option is set to off, which allows remote authenticated users to obtain sensitive information by reading the Changelog.

Affected products

44
  • Fedoraproject/389 Directory Server43 versions
    cpe:2.3:a:fedoraproject:389_directory_server:1.3.1.8:*:*:*:*:*:*:*+ 42 more
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.1.9:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.1.10:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.2.19:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.2.22:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.2.23:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.2.24:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.2.26:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.3.8:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.1.11:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.1.12:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.1.13:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.1.14:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.1.15:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.1.16:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.1.17:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.1.18:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.1.19:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.1.22:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.2.8:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.2.9:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.2.10:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.2.11:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.2.13:*:*:*:*:*:*:*
    • cpe:2.3:a:fedoraproject:389_directory_server:1.3.2.16:*:*:*:*:*:*:*
  • Fedoraproject/Fedora
    cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

5

News mentions

0

No linked articles in our index yet.