Описание
A cleartext password storage issue was discovered in Katello, versions 3.x.x.x before katello 3.12.0.9. Registry credentials used during container image discovery were inadvertently logged without being masked. This flaw could expose the registry credentials to other privileged users.
Ссылки
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 3.0.0.0 (включая) до 3.12.0.9 (исключая)
cpe:2.3:a:theforeman:katello:*:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.00152
Низкий
4.1 Medium
CVSS3
2.7 Low
CVSS3
4 Medium
CVSS2
Дефекты
CWE-312
CWE-312
Связанные уязвимости
CVSS3: 4.1
redhat
больше 6 лет назад
A cleartext password storage issue was discovered in Katello, versions 3.x.x.x before katello 3.12.0.9. Registry credentials used during container image discovery were inadvertently logged without being masked. This flaw could expose the registry credentials to other privileged users.
EPSS
Процентиль: 36%
0.00152
Низкий
4.1 Medium
CVSS3
2.7 Low
CVSS3
4 Medium
CVSS2
Дефекты
CWE-312
CWE-312