Red Hat · Red Hat Directory Server · CVE-2012-2746
**Name of the Vulnerable Software and Affected Versions**
389 Directory Server versions prior to 1.2.11.6
Red Hat Directory Server versions prior to 8.2.10-3
389-ds-base versions 1.2.10.2
389-ds-base-debuginfo versions 1.2.10.2
389-ds-base-libs versions 1.2.10.2
389-ds-base-devel versions 1.2.10.2
**Description**
The issue allows remote authenticated users to read passwords in plain text when audit logging is enabled and an LDAP user's password has been changed: the new password is written to the audit log unhashed. Exploitation can lead to a breach of protected information. The estimated number of potentially affected devices is not provided, and there is no information about real-world incidents where this issue was exploited.
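The practical question after reading the description above is whether an existing audit log already holds passwords in the clear. The following script is an added example, not code from Red Hat or the 389 Directory Server project. It assumes the LDIF-style audit log layout (blank-line-separated records with `time:`, `dn:` and `changetype:` lines, attribute values either plain after `attr: ` or base64 after `attr:: `) and the convention that hashed password values carry a `{SCHEME}` prefix such as `{SSHA}`; the sample log embedded below is constructed for the demonstration.

```python
"""Find userPassword values recorded in clear text in a 389 DS audit log.

Added example for the CVE-2012-2746 advisory; not the project's own code.
Assumed format: LDIF-style records separated by blank lines, with hashed
passwords prefixed by a scheme tag such as {SSHA}.
"""
import base64
import re
import sys
from typing import List, Tuple

# Constructed sample: alice's new password was logged in the clear (the
# behaviour the advisory describes); bob's and carol's were logged as hashes
# (carol's value base64-encoded, as LDIF does for some values).
SAMPLE_AUDIT_LOG = """\
time: 20120612103045
dn: uid=alice,ou=People,dc=example,dc=com
changetype: modify
replace: userPassword
userPassword: Summer2012!
-
replace: modifiersname
modifiersname: cn=Directory Manager
-

time: 20120612103120
dn: uid=bob,ou=People,dc=example,dc=com
changetype: modify
replace: userPassword
userPassword: {SSHA}Y2ltNZB0dXZ2ZXJzaWwxOTg4M2FjNmQwYjU0NmE=
-

time: 20120612103205
dn: uid=carol,ou=People,dc=example,dc=com
changetype: modify
replace: userPassword
userPassword:: e1NTSEF9YWJj
-
"""

# A stored hash starts with a scheme tag in braces, e.g. {SSHA}, {PBKDF2_SHA256}.
HASH_PREFIX = re.compile(r"^\{[A-Za-z0-9_-]+\}")


def is_hashed(value: str) -> bool:
    """True when the value looks like a scheme-tagged hash rather than a secret."""
    return HASH_PREFIX.match(value) is not None


def parse_records(text: str) -> List[dict]:
    """Split the log into records and collect time, dn and every userPassword value."""
    records = []
    for chunk in text.split("\n\n"):
        rec = {"time": None, "dn": None, "passwords": []}
        for line in chunk.splitlines():
            if line.startswith("time: "):
                rec["time"] = line[len("time: "):]
            elif line.startswith("dn: "):
                rec["dn"] = line[len("dn: "):]
            elif line.startswith("userPassword:: "):
                # Double colon: LDIF base64-encoded value; decode before classifying.
                raw = base64.b64decode(line[len("userPassword:: "):])
                rec["passwords"].append(raw.decode("utf-8", "replace"))
            elif line.startswith("userPassword: "):
                rec["passwords"].append(line[len("userPassword: "):])
        if rec["dn"]:
            records.append(rec)
    return records


def find_cleartext_passwords(text: str) -> List[Tuple[str, str]]:
    """Return (dn, time) for each record whose logged password is not hashed.

    The password itself is deliberately not returned, so the report can be
    shared with the people who must rotate those accounts.
    """
    exposed = []
    for rec in parse_records(text):
        if any(not is_hashed(pw) for pw in rec["passwords"]):
            exposed.append((rec["dn"], rec["time"]))
    return exposed


if __name__ == "__main__":
    # Usage: python audit_scan.py /path/to/audit   (no argument: scan the sample)
    data = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_AUDIT_LOG
    for dn, when in find_cleartext_passwords(data):
        print(f"{when}  clear-text password logged for {dn}")
```

Run against the sample, the script reports only alice's entry; every DN it lists is an account whose password should be rotated after the update, since the log file, and any backups or log shipping that copied it, has to be treated as having held that password.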
**Recommendations**
For 389 Directory Server versions prior to 1.2.11.6, update to version 1.2.11.6 or later.
For Red Hat Directory Server versions prior to 8.2.10-3, update to version 8.2.10-3 or later.
For 389-ds-base, 389-ds-base-debuginfo, 389-ds-base-libs, and 389-ds-base-devel versions 1.2.10.2, update to a version later than 1.2.10.2.
As a temporary workaround, consider disabling audit logging for LDAP user password changes until the update can be applied. Restrict access to the affected server, and to its audit log, to minimize the risk of exposure. Avoid sending plain text passwords to the affected server until the issue is resolved.