CVE-2017-9278
3.3
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
The NetIQ Identity Manager Oracle EBS driver before 4.0.2.0 sent EBS logs containing the driver authentication password, potentially disclosing this to attackers able to read the EBS tables.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| NetIQ | Identity Manager Oracle EBS driver | unspecified < 4.0.2.0 | affected |
Weaknesses
- password disclosure via logging
- CWE-532: CWE-532
ADP Enrichment
CVE Program Container
Additional References
- https://download.novell.com/Download?buildid=DKFkx_xPeaw~
- https://bugzilla.suse.com/show_bug.cgi?id=1053200
References
- https://download.novell.com/Download?buildid=DKFkx_xPeaw~
- https://bugzilla.suse.com/show_bug.cgi?id=1053200
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.