CVE-2012-6596

Palo Alto Networks PAN-OS 4.0.x < 4.0.9 and 4.1.x < 4.1.3 - Cleartext LDAP Password Exposure in authd.log

Title source: llm
STIX 2.1

Description

Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.3 stores cleartext LDAP bind passwords in authd.log, which allows context-dependent attackers to obtain sensitive information by reading this file, aka Ref ID 35493.

References (1)

Core 1
Core References
Various Sources x_refsource_confirm
https://security.paloaltonetworks.com/CVE-2012-6596

Scores

EPSS 0.0023
EPSS Percentile 46.0%

Details

CWE
CWE-255
Status published
Products (12)
paloaltonetworks/pan-os 4.0.0
paloaltonetworks/pan-os 4.0.1
paloaltonetworks/pan-os 4.0.2
paloaltonetworks/pan-os 4.0.3
paloaltonetworks/pan-os 4.0.4
paloaltonetworks/pan-os 4.0.5
paloaltonetworks/pan-os 4.0.6
paloaltonetworks/pan-os 4.0.7
paloaltonetworks/pan-os 4.0.8
paloaltonetworks/pan-os 4.1.0
... and 2 more
Published Aug 31, 2013
Tracked Since Feb 18, 2026