CVE-2011-1822

The LDAP_ADD implementation in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-IF0009 stores a cleartext SHA password in the change log, which might allow local users to obtain sensitive information by reading this log.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
ibmtivoli_directory_server
5.2.0
ibmtivoli_directory_server
5.2.0.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.ibm.com/support/docview.wss?uid=swg1IO11882
http://www.ibm.com/support/docview.wss?uid=swg24029663
http://www.ibm.com/support/docview.wss?uid=swg1IO11882
http://www.ibm.com/support/docview.wss?uid=swg24029663