CVE-2024-11604 | THREATINT

Description

Insertion of Sensitive Information into Log File vulnerability in the SCIM Driver module in OpenText IDM Driver and Extensions on Windows, Linux, 64 bit allows authenticated local users to obtain sensitive information via access to log files. This issue affects IDM SCIM Driver: 1.0.0.0000 through 1.0.1.0300 and 1.1.0.0000.

PUBLISHED Reserved 2024-11-21 | Published 2026-03-27 | Updated 2026-03-27 | Assigner OpenText

HIGH: 7.3CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:P/AU:N/R:U/V:C/RE:M/U:Red

Problem types

CWE-532 Insertion of Sensitive Information into Log File

Product status

Default status

affected

1.0.0.0000 (rpm, zip)

affected

1.1.0.0000 (rpm, zip)

affected

References

www.netiq.com/...eadme/data/SCIMDriver1.1.0.0100_readme.html release-notes

www.netiq.com/...eadme/data/SCIMDriver1.0.1.0400_readme.html release-notes

cve.org (CVE-2024-11604)

nvd.nist.gov (CVE-2024-11604)

Download JSON