CVE-2017-7434

LOW

NetIQ Identity Manager <4.6 - Info Disclosure

Title source: llm

Description

In the JDBC driver of NetIQ Identity Manager before 4.6 sending out incorrect XML configurations could result in passwords being logged into exception logfiles.

References (2)

Core 2

Core References

Issue Tracking x_refsource_confirm

https://bugzilla.suse.com/show_bug.cgi?id=1005907

Various Sources x_refsource_confirm

https://www.netiq.com/documentation/identity-manager-46/releasenotes_idm46/data/releasenotes_idm46.html

Scores

CVSS v3 3.3

EPSS 0.0017

EPSS Percentile 37.4%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Details

CWE

CWE-532

Status published

Products (1)

netiq/identity_manager < 4.6

Published Mar 02, 2018

Tracked Since Feb 18, 2026