1.7

CVE-2011-1820

IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-IF0010, 6.0 before 6.0.0.67 (aka 6.0.0.8-TIV-ITDS-IF0009), 6.1 before 6.1.0.40 (aka 6.1.0.5-TIV-ITDS-IF0003), 6.2 before 6.2.0.16 (aka 6.2.0.3-TIV-ITDS-IF0002), and 6.3 before 6.3.0.3 (aka 6.3.0.0-TIV-ITDS-IF0003) does not properly handle the ibm-auditAttributesOnGroupEvalOp setting for auditing of extended operations, which might allow attackers to obtain sensitive information by reading the audit log.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmTivoli Directory Server Version5.2.0
IbmTivoli Directory Server Version5.2.0.4
IbmTivoli Directory Server Version6.0
IbmTivoli Directory Server Version6.0.0.0
IbmTivoli Directory Server Version6.0.0.1
IbmTivoli Directory Server Version6.0.0.7
IbmTivoli Directory Server Version6.0.0.8
IbmTivoli Directory Server Version6.0.0.14
IbmTivoli Directory Server Version6.0.0.19
IbmTivoli Directory Server Version6.0.0.33
IbmTivoli Directory Server Version6.0.0.41
IbmTivoli Directory Server Version6.0.0.45
IbmTivoli Directory Server Version6.0.0.52
IbmTivoli Directory Server Version6.0.0.53
IbmTivoli Directory Server Version6.0.0.54
IbmTivoli Directory Server Version6.0.0.55
IbmTivoli Directory Server Version6.0.0.56
IbmTivoli Directory Server Version6.0.0.57
IbmTivoli Directory Server Version6.0.0.58
IbmTivoli Directory Server Version6.0.0.59
IbmTivoli Directory Server Version6.0.0.60
IbmTivoli Directory Server Version6.0.0.61
IbmTivoli Directory Server Version6.0.0.62
IbmTivoli Directory Server Version6.0.0.63
IbmTivoli Directory Server Version6.0.0.64
IbmTivoli Directory Server Version6.0.0.65
IbmTivoli Directory Server Version6.0.0.66
IbmTivoli Directory Server Version6.1.0.0
IbmTivoli Directory Server Version6.1.0.1
IbmTivoli Directory Server Version6.1.0.2
IbmTivoli Directory Server Version6.1.0.3
IbmTivoli Directory Server Version6.1.0.4
IbmTivoli Directory Server Version6.1.0.5
IbmTivoli Directory Server Version6.1.0.6
IbmTivoli Directory Server Version6.1.0.7
IbmTivoli Directory Server Version6.1.0.8
IbmTivoli Directory Server Version6.1.0.9
IbmTivoli Directory Server Version6.1.0.10
IbmTivoli Directory Server Version6.1.0.11
IbmTivoli Directory Server Version6.1.0.12
IbmTivoli Directory Server Version6.1.0.13
IbmTivoli Directory Server Version6.1.0.14
IbmTivoli Directory Server Version6.1.0.15
IbmTivoli Directory Server Version6.1.0.17
IbmTivoli Directory Server Version6.1.0.18
IbmTivoli Directory Server Version6.1.0.19
IbmTivoli Directory Server Version6.1.0.20
IbmTivoli Directory Server Version6.1.0.21
IbmTivoli Directory Server Version6.1.0.22
IbmTivoli Directory Server Version6.1.0.23
IbmTivoli Directory Server Version6.1.0.24
IbmTivoli Directory Server Version6.1.0.25
IbmTivoli Directory Server Version6.1.0.26
IbmTivoli Directory Server Version6.1.0.27
IbmTivoli Directory Server Version6.1.0.28
IbmTivoli Directory Server Version6.1.0.29
IbmTivoli Directory Server Version6.1.0.30
IbmTivoli Directory Server Version6.1.0.31
IbmTivoli Directory Server Version6.1.0.32
IbmTivoli Directory Server Version6.1.0.33
IbmTivoli Directory Server Version6.1.0.34
IbmTivoli Directory Server Version6.1.0.35
IbmTivoli Directory Server Version6.1.0.36
IbmTivoli Directory Server Version6.1.0.37
IbmTivoli Directory Server Version6.1.0.38
IbmTivoli Directory Server Version6.1.0.39
IbmTivoli Directory Server Version6.2.0.0
IbmTivoli Directory Server Version6.2.0.1
IbmTivoli Directory Server Version6.2.0.2
IbmTivoli Directory Server Version6.2.0.3
IbmTivoli Directory Server Version6.2.0.4
IbmTivoli Directory Server Version6.2.0.5
IbmTivoli Directory Server Version6.2.0.6
IbmTivoli Directory Server Version6.2.0.7
IbmTivoli Directory Server Version6.2.0.8
IbmTivoli Directory Server Version6.2.0.10
IbmTivoli Directory Server Version6.2.0.11
IbmTivoli Directory Server Version6.2.0.12
IbmTivoli Directory Server Version6.2.0.13
IbmTivoli Directory Server Version6.2.0.14
IbmTivoli Directory Server Version6.2.0.15
IbmTivoli Directory Server Version6.3.0.0
IbmTivoli Directory Server Version6.3.0.1
IbmTivoli Directory Server Version6.3.0.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.35% 0.266
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 1.7 3.1 2.9
AV:L/AC:L/Au:S/C:P/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://www.ibm.com/support/docview.wss?uid=swg24029663
Patch
http://www.ibm.com/support/docview.wss?uid=swg24029672
Patch
http://www.ibm.com/support/docview.wss?uid=swg24029659
Patch
http://secunia.com/advisories/44184
Vendor Advisory
http://securitytracker.com/id?1025358
http://www.ibm.com/support/docview.wss?uid=swg24029660
Patch
http://www.ibm.com/support/docview.wss?uid=swg24029661
Patch
http://www.ibm.com/support/docview.wss?uid=swg1IO14023
http://www.ibm.com/support/docview.wss?uid=swg1IO14025
http://www.ibm.com/support/docview.wss?uid=swg1IO14028
http://www.ibm.com/support/docview.wss?uid=swg1IO14043
http://www.ibm.com/support/docview.wss?uid=swg1IO14044
http://www.ibm.com/support/docview.wss?uid=swg21496086
https://exchange.xforce.ibmcloud.com/vulnerabilities/66712