exploitDog

GHSA-qxj4-46g2-7rv9

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Pivotal Ops Manager, versions 2.4.x prior to 2.4.27, 2.5.x prior to 2.5.24, 2.6.x prior to 2.6.16, and 2.7.x prior to 2.7.5, logs all query parameters to tomcat’s access file. If the query parameters are used to provide authentication, ie. credentials, then they will be logged as well.

Pivotal Ops Manager, versions 2.4.x prior to 2.4.27, 2.5.x prior to 2.5.24, 2.6.x prior to 2.6.16, and 2.7.x prior to 2.7.5, logs all query parameters to tomcat’s access file. If the query parameters are used to provide authentication, ie. credentials, then they will be logged as well.

Ссылки

EPSS

Процентиль: 65%

0.00491

Низкий

CVE ID

Связанные уязвимости

CVE-2019-11292

CVSS3: 6.5

nvd

около 6 лет назад

Pivotal Ops Manager, versions 2.4.x prior to 2.4.27, 2.5.x prior to 2.5.24, 2.6.x prior to 2.6.16, and 2.7.x prior to 2.7.5, logs all query parameters to tomcat’s access file. If the query parameters are used to provide authentication, ie. credentials, then they will be logged as well.

EPSS

Процентиль: 65%

0.00491

Низкий

CVE ID