2.1

CVE-2012-2746

EPSS 0.51%
Published 03.07.2012 16:40:34
Last modified 11.04.2025 00:51:21
Source secalert@redhat.com
Teams watchlist Login
Open Login

389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), when the password of a LDAP user has been changed and audit logging is enabled, saves the new password to the log in plain text, which allows remote authenticated users to read the password.

Affected products Warnungen 0 Metrics 2 CWE 0 References 14

Data is provided by the National Vulnerability Database (NVD)

Redhat ≫ Directory Server Version <= 8.2

Redhat ≫ Directory Server Version7.1

Redhat ≫ Directory Server Version8.0

Redhat ≫ Directory Server Version8.1

Fedoraproject ≫ 389 Directory Server Version <= 1.2.11.5

Fedoraproject ≫ 389 Directory Server Version1.2.1

Fedoraproject ≫ 389 Directory Server Version1.2.2

Fedoraproject ≫ 389 Directory Server Version1.2.3

Fedoraproject ≫ 389 Directory Server Version1.2.5

Fedoraproject ≫ 389 Directory Server Version1.2.5 Updaterc1

Fedoraproject ≫ 389 Directory Server Version1.2.5 Updaterc2

Fedoraproject ≫ 389 Directory Server Version1.2.5 Updaterc3

Fedoraproject ≫ 389 Directory Server Version1.2.5 Updaterc4

Fedoraproject ≫ 389 Directory Server Version1.2.6

Fedoraproject ≫ 389 Directory Server Version1.2.6 Updatea2

Fedoraproject ≫ 389 Directory Server Version1.2.6 Updatea3

Fedoraproject ≫ 389 Directory Server Version1.2.6 Updatea4

Fedoraproject ≫ 389 Directory Server Version1.2.6 Updaterc1

Fedoraproject ≫ 389 Directory Server Version1.2.6 Updaterc2

Fedoraproject ≫ 389 Directory Server Version1.2.6 Updaterc3

Fedoraproject ≫ 389 Directory Server Version1.2.6 Updaterc6

Fedoraproject ≫ 389 Directory Server Version1.2.6 Updaterc7

Fedoraproject ≫ 389 Directory Server Version1.2.6.1

Fedoraproject ≫ 389 Directory Server Version1.2.7 Updatealpha3

Fedoraproject ≫ 389 Directory Server Version1.2.7.5

Fedoraproject ≫ 389 Directory Server Version1.2.8 Updatealpha1

Fedoraproject ≫ 389 Directory Server Version1.2.8 Updatealpha2

Fedoraproject ≫ 389 Directory Server Version1.2.8 Updatealpha3

Fedoraproject ≫ 389 Directory Server Version1.2.8 Updaterc1

Fedoraproject ≫ 389 Directory Server Version1.2.8 Updaterc2

Fedoraproject ≫ 389 Directory Server Version1.2.8.1

Fedoraproject ≫ 389 Directory Server Version1.2.8.2

Fedoraproject ≫ 389 Directory Server Version1.2.8.3

Fedoraproject ≫ 389 Directory Server Version1.2.9.9

Fedoraproject ≫ 389 Directory Server Version1.2.10 Updatealpha8

Fedoraproject ≫ 389 Directory Server Version1.2.10 Updaterc1

Fedoraproject ≫ 389 Directory Server Version1.2.10.1

Fedoraproject ≫ 389 Directory Server Version1.2.10.2

Fedoraproject ≫ 389 Directory Server Version1.2.10.3

Fedoraproject ≫ 389 Directory Server Version1.2.10.4

Fedoraproject ≫ 389 Directory Server Version1.2.10.7

Fedoraproject ≫ 389 Directory Server Version1.2.11.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.51%	0.636

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	2.1	3.9	2.9	AV:N/AC:H/Au:S/C:P/I:N/A:N

http://directory.fedoraproject.org/wiki/Release_Notes

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2012-0997.html

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2012-1041.html

Vendor Advisory

http://secunia.com/advisories/49734

Vendor Advisory

http://www.securityfocus.com/bid/54153

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03772083

http://www.osvdb.org/83329

https://bugzilla.redhat.com/show_bug.cgi?id=833482

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/76595

https://fedorahosted.org/389/ticket/365

Vendor Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19241

https://nvd.nist.gov/vuln/detail/CVE-2012-2746

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-2746

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-2746

EUVD