Vulnerability Description
When configured to store configuration information in an LDAP directory, Shiva Access Manager 5.0.0 stores the root DN (Distinguished Name) name and password in cleartext in a file that is world readable, which allows local users to compromise the LDAP server.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Shiva Access Manager | 5.0 |
References
- http://archives.neohapsis.com/archives/bugtraq/2000-06/0008.htmlPatchVendor Advisory
- http://www.securityfocus.com/bid/1329
- https://exchange.xforce.ibmcloud.com/vulnerabilities/4612
- http://archives.neohapsis.com/archives/bugtraq/2000-06/0008.htmlPatchVendor Advisory
- http://www.securityfocus.com/bid/1329
- https://exchange.xforce.ibmcloud.com/vulnerabilities/4612
FAQ
What is CVE-2000-0516?
CVE-2000-0516 is a vulnerability with a CVSS score of 7.2 (HIGH). When configured to store configuration information in an LDAP directory, Shiva Access Manager 5.0.0 stores the root DN (Distinguished Name) name and password in cleartext in a file that is world reada...
How severe is CVE-2000-0516?
CVE-2000-0516 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2000-0516?
Check the references section above for vendor advisories and patch information. Affected products include: Intel Shiva Access Manager.