CVE-2019-10224 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2019-10224 Interim 1 19 2025-02-17T02:08:58Z current 2021-05-30T14:26:51Z 2025-02-17T02:08:58Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2019-10224 A flaw has been found in 389-ds-base versions 1.4.x.x before 1.4.1.3. When executed in verbose mode, the dscreate and dsconf commands may display sensitive information, such as the Directory Manager password. An attacker, able to see the screen or record the terminal standard error output, could use this flaw to gain sensitive information. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Liberty Linux 8 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP1 389-ds 389-ds-base-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f 389-ds-base-devel-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f 389-ds-base-legacy-tools-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f 389-ds-base-libs-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f 389-ds-base-snmp-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f 389-ds-devel 389-ds-snmp lib389 libsvrcore0 python3-lib389-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f 389-ds-base-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f as a component of SUSE Liberty Linux 8 389-ds-base-devel-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f as a component of SUSE Liberty Linux 8 389-ds-base-legacy-tools-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f as a component of SUSE Liberty Linux 8 389-ds-base-libs-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f as a component of SUSE Liberty Linux 8 389-ds-base-snmp-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f as a component of SUSE Liberty Linux 8 python3-lib389-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f as a component of SUSE Liberty Linux 8 389-ds as a component of SUSE Linux Enterprise Module for Server Applications 15 389-ds-devel as a component of SUSE Linux Enterprise Module for Server Applications 15 libsvrcore0 as a component of SUSE Linux Enterprise Module for Server Applications 15 389-ds as a component of SUSE Linux Enterprise Module for Server Applications 15 SP1 389-ds-devel as a component of SUSE Linux Enterprise Module for Server Applications 15 SP1 389-ds-snmp as a component of SUSE Linux Enterprise Module for Server Applications 15 SP1 lib389 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP1 libsvrcore0 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP1 A flaw has been found in 389-ds-base versions 1.4.x.x before 1.4.1.3. When executed in verbose mode, the dscreate and dsconf commands may display sensitive information, such as the Directory Manager password. An attacker, able to see the screen or record the terminal standard error output, could use this flaw to gain sensitive information. CVE-2019-10224 SUSE Liberty Linux 8:389-ds-base-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f SUSE Liberty Linux 8:389-ds-base-devel-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f SUSE Liberty Linux 8:389-ds-base-legacy-tools-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f SUSE Liberty Linux 8:389-ds-base-libs-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f SUSE Liberty Linux 8:389-ds-base-snmp-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f SUSE Liberty Linux 8:python3-lib389-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f SUSE Linux Enterprise Module for Server Applications 15 SP1:389-ds SUSE Linux Enterprise Module for Server Applications 15 SP1:389-ds-devel SUSE Linux Enterprise Module for Server Applications 15 SP1:389-ds-snmp SUSE Linux Enterprise Module for Server Applications 15 SP1:lib389 SUSE Linux Enterprise Module for Server Applications 15 SP1:libsvrcore0 SUSE Linux Enterprise Module for Server Applications 15:389-ds SUSE Linux Enterprise Module for Server Applications 15:389-ds-devel SUSE Linux Enterprise Module for Server Applications 15:libsvrcore0 moderate 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N 4.6 CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N