Unhashed Password Disclosure in 389 Directory Server
CVE-2012-2678 · LOW Severity
AV:L/AC:H/AU:N/C:P/I:N/A:N
389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), after the password for a LDAP user has been changed and before the server has been reset, allows remote attackers to read the plaintext password via the unhashed#user#password attribute.
Learn more about our Cis Benchmark Audit For Server Software.