CVE-2024-11604 PUBLISHED

Insertion of Sensitive Information into Log File

Assigner: OpenText
Reserved: 21.11.2024 Published: 27.03.2026 Updated: 27.03.2026

Insertion of Sensitive Information into Log File vulnerability in the SCIM Driver module in OpenText IDM Driver and Extensions on Windows, Linux, 64 bit allows authenticated local users to obtain sensitive information via access to log files. This issue affects IDM SCIM Driver: 1.0.0.0000 through 1.0.1.0300 and 1.1.0.0000.

Metrics

CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:P/AU:N/R:U/V:C/RE:M/U:Red
CVSS Score: 7.3

Product Status

Vendor OpenText
Product IDM Driver and Extensions
Versions Default: affected
  • affected from 1.0.0.0000 to 1.0.1.0300 (incl.)
  • Version 1.1.0.0000 is affected

References

Problem Types

  • CWE-532 Insertion of Sensitive Information into Log File CWE

Impacts

  • CAPEC-215 Fuzzing for application mapping