CVE-2019-10224 is a vulnerability in Fedora Project 389 Directory Server
Published on November 25, 2019
A flaw has been found in 389-ds-base versions 1.4.x.x before 1.4.1.3. When executed in verbose mode, the dscreate and dsconf commands may display sensitive information, such as the Directory Manager password. An attacker, able to see the screen or record the terminal standard error output, could use this flaw to gain sensitive information.
Weakness Type
Insufficiently Protected Credentials
The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
Products Associated with CVE-2019-10224
Want to know whenever a new CVE is published for Fedora Project 389 Directory Server? stack.watch will email you.
Affected Versions
Red Hat 389-ds-base Version 389-ds-base 1.4.x.x before 1.4.1.3 is affected by CVE-2019-10224Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.