CVE-2007-4526

Name of the Vulnerable Software and Affected Versions Novell Identity Manager versions prior to 3.5.1 20070730

Description The issue allows local users to obtain sensitive information, specifically usernames and passwords, by reading a local file where this data is stored. This is due to the way the Client Login Extension (CLE) handles storage of this sensitive information.

Recommendations For versions prior to 3.5.1 20070730, update to version 3.5.1 20070730 or later to resolve the issue. As a temporary workaround, consider restricting access to the local file where the username and password are stored to minimize the risk of exploitation.