The installation functionality in the Novell Kanaka component before 2.8 for Novell Open Enterprise Server (OES) on Mac OS X does not verify the server's X.509 certificate during an SSL session,. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.
IBM Scale Out Network Attached Storage (SONAS) 1.3 before 1.3.2.3 requires cleartext storage of LDAP credentials without recommending a less privileged LDAP account, which might allow attackers to. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.