CVE-2019-10224
- ULN >
- Oracle Linux CVE repository >
- CVE-2019-10224
CVE Details
| Release Date: | 2019-11-25 |
Description
A flaw has been found in 389-ds-base versions 1.4.x.x before 1.4.1.3. When executed in verbose mode, the dscreate and dsconf commands may display sensitive information, such as the Directory Manager password. An attacker, able to see the screen or record the terminal standard error output, could use this flaw to gain sensitive information.
See more information about CVE-2019-10224 from MITRE CVE dictionary and NIST NVD
CVSS v3.0 metrics
NOTE: The following CVSS v3.0 metrics and score provided are preliminary and subject to review.
| Base Score: | 4.6 | Base Metrics: | AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
| Access Vector: | Physical | Attack Complexity: | Low |
| Privileges Required: | None | User Interaction: | None |
| Scope: | Unchanged | Confidentiality Impact: | High |
| Integrity Impact: | None | Availability Impact: | None |
Errata information
| Platform | Errata | Release Date |
| Oracle Linux version 8 (389-ds-base) | ELSA-2019-3401 | 2019-11-14 |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
