Vulnerability in OpenText™ Identity Manager AzureAD Driver Allows Logging of Sensitive Information into Log File
CVE-2021-22518

5.5MEDIUM

Key Information:

Vendor: Opentext
Status: Identity Manager Azuread Driver
Vendor: CVE Published:; 12 September 2024

Summary

A logging information exposure vulnerability has been identified in the OpenText Identity Manager AzureAD Driver. This flaw allows sensitive information to be logged into files, potentially exposing critical data to unauthorized individuals. All versions preceding 5.1.4.0 are affected, highlighting the need for organizations to update their systems to safeguard against possible data leaks. Proper security measures and timely updates are essential to protect sensitive user information from being compromised.

Affected Version(s)

Identity Manager AzureAD Driver Windows 5.1.4.0

References

https://www.netiq.com/documentation/identity-manager-48-d...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 12, 2024
Vulnerability Reserved
Jan 5, 2021