The (1) IBM Tivoli Identity Manager Active Directory adapter prior to 5.1.24 and (2) IBM Security Identity Manager Active Directory adapter prior to 6.0.14 for IBM Security Identity Manager on Windows, when certain log and trace levels are configured, store the cleartext administrator password in a log file, which allows local users to obtain sensitive information by reading a file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm security identity manager active directory adapter |
||
ibm tivoli identity manager active directory adapter |