CVE-2024-11604

Insertion of Sensitive Information into Log File

CVSS 7.3 HIGHEPSS 0.1%CWE-532

Vexday Risk Score

21Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 7.3EPSS 0.1%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

27 mar 2026Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

Insertion of Sensitive Information into Log File vulnerability in the SCIM Driver module in OpenText IDM Driver and Extensions on Windows, Linux, 64 bit allows authenticated local users to obtain sensitive information via access to log files. This issue affects IDM SCIM Driver: 1.0.0.0000 through 1.0.1.0300 and 1.1.0.0000.

CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:P/AU:N/R:U/V:C/RE:M/U:Red

Produtos afetados

OpenText · IDM Driver and Extensions

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.netiq.com/documentation/identity-manager-48-drivers/SCIMDriver1.0.1.0400_readme/data/SCIMDriver1.0.1.0400_readme.html https://www.netiq.com/documentation/identity-manager-49-drivers/SCIMDriver1.1.0.0100_readme/data/SCIMDriver1.1.0.0100_readme.html