CVE-2017-7434

LOW3.3Info disclosure

Description

In the JDBC driver of NetIQ Identity Manager before 4.6 sending out incorrect XML configurations could result in passwords being logged into exception logfiles.

CVSS breakdown

CVSS 3.0

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

Affected products

NetIQ / Identity Managerunspecified – 4.6

References

MISChttps://bugzilla.suse.com/show_bug.cgi?id=1005907
MISChttps://www.netiq.com/documentation/identity-manager-46/releasenotes_idm46/data/releasenotes_idm46.html