exploitDog

GHSA-c45c-73jc-5cp5

Опубликовано: 24 апр. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 9.1

Описание

CloverDX before 5.17.3 writes passwords to the audit log in certain situations, if the audit log is enabled and single sign-on is not employed. The fixed versions are 5.15.4, 5.16.2, 5.17.3, and 6.0.x.

CloverDX before 5.17.3 writes passwords to the audit log in certain situations, if the audit log is enabled and single sign-on is not employed. The fixed versions are 5.15.4, 5.16.2, 5.17.3, and 6.0.x.

Ссылки

EPSS

Процентиль: 38%

0.00166

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-532

Связанные уязвимости

CVE-2023-31056

CVSS3: 9.1

nvd

почти 3 года назад

CloverDX before 5.17.3 writes passwords to the audit log in certain situations, if the audit log is enabled and single sign-on is not employed. The fixed versions are 5.15.4, 5.16.2, 5.17.3, and 6.0.x.

EPSS

Процентиль: 38%

0.00166

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-532