Описание
Allegro AI ClearML Stores Credentials in Plaintext in MongoDB Instance
Allegro AI’s open-source version of ClearML stores passwords in plaintext within the MongoDB instance, resulting in a compromised server leaking all user emails and passwords.
Пакеты
Наименование
clearml
pip
Затронутые версииВерсия исправления
<= 1.14.2
Отсутствует
Связанные уязвимости
CVSS3: 6
nvd
около 2 лет назад
Allegro AI’s open-source version of ClearML stores passwords in plaintext within the MongoDB instance, resulting in a compromised server leaking all user emails and passwords.