The LDAP_ADD implementation in IBM Tivoli Directory Server (TDS) 5.2 prior to 5.2.0.5-TIV-ITDS-IF0009 stores a cleartext SHA password in the change log, which might allow local users to obtain sensitive information by reading this log.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm tivoli directory server 5.2.0 |
||
ibm tivoli directory server 5.2.0.4 |