Description389 Directory Server 1.3.1.x, 1.3.2.x before 184.108.40.206, and 1.3.3.x before 220.127.116.11 stores "unhashed" passwords even when the nsslapd-unhashed-pw-switch option is set to off, which allows remote authenticated users to obtain sensitive information by reading the Changelog.
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having low severity.
|National Vulnerability Database|
List of released packages
|Product(s)||Fixed package version(s)||References|
|SUSE Linux Enterprise Module for Server Applications 15 |
SUSE Linux Enterprise Module for Server Applications 15 SP1
|openSUSE Tumbleweed|| ||Patchnames:
openSUSE Tumbleweed GA 389-ds