CVE-2014-3089
Last modified
CVE-2014-3089 is a vulnerability of currently unknown severity. The RDS Java Client library in IBM Rational Directory Server (RDS) 5.1.1.x before 5.1.1.2 iFix004 and 5.2.x before 5.2.1 iFix003, and Rational Directory Administrator (RDA) 6.0 before iFix002, includes the cleartext root password, which allows local users to obtain sensitive information by reading a library file.. EPSS estimates a 0.38% chance of exploitation in the next 30 days.
Description
The RDS Java Client library in IBM Rational Directory Server (RDS) 5.1.1.x before 5.1.1.2 iFix004 and 5.2.x before 5.2.1 iFix003, and Rational Directory Administrator (RDA) 6.0 before iFix002, includes the cleartext root password, which allows local users to obtain sensitive information by reading a library file.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Rational Directory Administrator | 6.0 |
| Ibm | Rational Directory Administrator | 6.0.0.1 |
| Ibm | Rational Directory Server | 5.1.1 |
| Ibm | Rational Directory Server | 5.1.1.1 |
| Ibm | Rational Directory Server | 5.1.1.2 |
| Ibm | Rational Directory Server | 5.2 |
| Ibm | Rational Directory Server | 5.2.0.1 |
| Ibm | Rational Directory Server | 5.2.0.2 |
| Ibm | Rational Directory Server | 5.2.1 |
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21681554Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21681554Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2014-3089?
How severe is CVE-2014-3089?
How do I fix CVE-2014-3089?
Are you affected by CVE-2014-3089?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST