← back
CVE-2024-11604

Insertion of Sensitive Information into Log File

CVSS 7.3 HIGHEPSS 0.1%CWE-532
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.3EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
27 Mar 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Insertion of Sensitive Information into Log File vulnerability in the SCIM Driver module in OpenText IDM Driver and Extensions on Windows, Linux, 64 bit allows authenticated local users to obtain sensitive information via access to log files. This issue affects IDM SCIM Driver: 1.0.0.0000 through 1.0.1.0300 and 1.1.0.0000.
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:P/AU:N/R:U/V:C/RE:M/U:Red
Affected products
OpenText · IDM Driver and Extensions

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.netiq.com/documentation/identity-manager-48-drivers/SCIMDriver1.0.1.0400_readme/data/SCIMDriver1.0.1.0400_readme.htmlhttps://www.netiq.com/documentation/identity-manager-49-drivers/SCIMDriver1.1.0.0100_readme/data/SCIMDriver1.1.0.0100_readme.html