CVE-2019-10224 Vulnerability Details

  /     /     /  

CVE-2019-10224 Metadata Quick Info

CVE Published: 25/11/2019 | CVE Updated: 04/08/2024 | CVE Year: 2019
Source: redhat | Vendor: Red Hat | Product: 389-ds-base
Status : PUBLISHED

CVE-2019-10224 Description

A flaw has been found in 389-ds-base versions 1.4.x.x before 1.4.1.3. When executed in verbose mode, the dscreate and dsconf commands may display sensitive information, such as the Directory Manager password. An attacker, able to see the screen or record the terminal standard error output, could use this flaw to gain sensitive information.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-522
CWE Name: CWE-522
Source: Red Hat

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).