When configured to store configuration information in an LDAP directory, Shiva Access Manager 5.0.0 stores the root DN (Distinguished Name) name and password in cleartext in a file that is world readable, which allows local users to compromise the LDAP server.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
intel shiva access manager 5.0 |