Описание
MySQL for PCF tiles 1.7.x before 1.7.10 were discovered to log the AWS access key in plaintext. These credentials were logged to the Service Backup component logs, and not the system log, thus were not exposed outside the Service Backup VM.
Ссылки
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:vmware:pivotal_software_mysql:1.7.0:*:*:*:*:pcf_tiles:*:*
cpe:2.3:a:vmware:pivotal_software_mysql:1.7.0.1:*:*:*:*:pcf_tiles:*:*
cpe:2.3:a:vmware:pivotal_software_mysql:1.7.0.2:*:*:*:*:pcf_tiles:*:*
cpe:2.3:a:vmware:pivotal_software_mysql:1.7.0.3:*:*:*:*:pcf_tiles:*:*
cpe:2.3:a:vmware:pivotal_software_mysql:1.7.0.4:*:*:*:*:pcf_tiles:*:*
cpe:2.3:a:vmware:pivotal_software_mysql:1.7.1:*:*:*:*:pcf_tiles:*:*
cpe:2.3:a:vmware:pivotal_software_mysql:1.7.2:*:*:*:*:pcf_tiles:*:*
cpe:2.3:a:vmware:pivotal_software_mysql:1.7.3:*:*:*:*:pcf_tiles:*:*
cpe:2.3:a:vmware:pivotal_software_mysql:1.7.4:*:*:*:*:pcf_tiles:*:*
cpe:2.3:a:vmware:pivotal_software_mysql:1.7.5:*:*:*:*:pcf_tiles:*:*
cpe:2.3:a:vmware:pivotal_software_mysql:1.7.6:*:*:*:*:pcf_tiles:*:*
cpe:2.3:a:vmware:pivotal_software_mysql:1.7.7:*:*:*:*:pcf_tiles:*:*
cpe:2.3:a:vmware:pivotal_software_mysql:1.7.8:*:*:*:*:pcf_tiles:*:*
cpe:2.3:a:vmware:pivotal_software_mysql:1.7.9:*:*:*:*:pcf_tiles:*:*
EPSS
Процентиль: 52%
0.00294
Низкий
10 Critical
CVSS3
5 Medium
CVSS2
Дефекты
CWE-255
Связанные уязвимости
CVSS3: 10
github
больше 3 лет назад
MySQL for PCF tiles 1.7.x before 1.7.10 were discovered to log the AWS access key in plaintext. These credentials were logged to the Service Backup component logs, and not the system log, thus were not exposed outside the Service Backup VM.
EPSS
Процентиль: 52%
0.00294
Низкий
10 Critical
CVSS3
5 Medium
CVSS2
Дефекты
CWE-255