CVE-2019-10224

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2019-10224

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-10224.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-10224

Related

Published

2019-11-25T16:15:13Z

Modified

2024-12-09T16:00:48Z

Severity

4.6 (Medium) CVSS_V3 - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

A flaw has been found in 389-ds-base versions 1.4.x.x before 1.4.1.3. When executed in verbose mode, the dscreate and dsconf commands may display sensitive information, such as the Directory Manager password. An attacker, able to see the screen or record the terminal standard error output, could use this flaw to gain sensitive information.

References

Affected packages

Debian:11 / 389-ds-base

Package

Name: 389-ds-base
Purl: pkg:deb/debian/389-ds-base?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.4.1.5-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / 389-ds-base

Package

Name: 389-ds-base
Purl: pkg:deb/debian/389-ds-base?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.4.1.5-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}