Skip to main content

Microsoft CVE-2024-11604

| EUVDEUVD-2024-55508 HIGH
Insertion of Sensitive Information into Log File (CWE-532)
2026-03-27 OpenText GHSA-cvjj-fxm4-8q63
7.3
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
7.3 HIGH
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:N/R:U/V:C/RE:M/U:Red

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:N/R:U/V:C/RE:M/U:Red
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
A
Scope
P

Lifecycle Timeline

3
EUVD ID Assigned
Mar 27, 2026 - 14:30 euvd
EUVD-2024-55508
Analysis Generated
Mar 27, 2026 - 14:30 vuln.today
CVE Published
Mar 27, 2026 - 14:08 nvd
HIGH 7.3

DescriptionCVE.org

Insertion of Sensitive Information into Log File vulnerability in the SCIM Driver module in OpenText IDM Driver and Extensions on Windows, Linux, 64 bit allows authenticated local users to obtain sensitive information via access to log files. This issue affects IDM SCIM Driver: 1.0.0.0000 through 1.0.1.0300 and 1.1.0.0000.

AnalysisAI

Insertion of Sensitive Information into Log File vulnerability in the SCIM Driver module in OpenText IDM Driver and Extensions on Windows, Linux, 64 bit allows authenticated local users to obtain. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-532. Insertion of Sensitive Information into Log File vulnerability in the SCIM Driver module in OpenText IDM Driver and Extensions on Windows, Linux, 64 bit allows authenticated local users to obtain sensitive information via access to log files.0.0.0000 through 1.0.1.0300 and 1.1.0.0000. Affected products include: Opentext Idm Driver And Extensions. Version information: through 1.0.1.0300.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Share

CVE-2024-11604 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy