CVE-2020-13881

Опубликовано: 06 июн. 2020

Источник: debian

EPSS Низкий

Описание

In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog if the DEBUG loglevel and journald are used.

Пакет	Статус	Версия исправления	Релиз	Тип
libpam-tacplus	fixed	1.3.8-2.1		package
libpam-tacplus	fixed	1.3.8-2+deb10u1	buster	package
libpam-tacplus	no-dsa		stretch	package

https://github.com/kravietz/pam_tacplus/commit/4a9852c31c2fd0c0e72fbb689a586aabcfb11cb0
https://github.com/kravietz/pam_tacplus/issues/149

EPSS

Процентиль: 79%

0.01239

Низкий

CVE-2020-13881

CVSS3: 7.5

ubuntu

больше 5 лет назад

In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog if the DEBUG loglevel and journald are used.

CVE-2020-13881

CVSS3: 7.5

nvd

больше 5 лет назад

In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog if the DEBUG loglevel and journald are used.

GHSA-gm22-vmf2-hwxg

CVSS3: 7.5

github

больше 3 лет назад

In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog if the DEBUG loglevel and journald are used.

EPSS

Процентиль: 79%

0.01239

Низкий