The (1) setup-ds.pl and (2) setup-ds-admin.pl setup scripts for Red Hat Directory Server 8 before 8.2 use world-readable permissions when creating cache files, which allows local users to obtain sensitive information including passwords for Directory and Administration Server administrative accounts.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Directory_server | Redhat | 8.0 (including) | 8.0 (including) |
| Directory_server | Redhat | 8.1 (including) | 8.1 (including) |