CVE-2021-25284

Опубликовано: 25 фев. 2021

Источник: redhat

CVSS3: 4.1

Описание

An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.

A flaw was found in salt. Webutils write passwords in cleartext to /var/log/salt/minion.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Ceph Storage 2	salt	Out of support scope

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-312

https://bugzilla.redhat.com/show_bug.cgi?id=1933339salt: webutils write passwords in cleartext to /var/log/salt/minion

4.1 Medium

CVSS3

Связанные уязвимости

CVE-2021-25284

CVSS3: 4.4

ubuntu

почти 5 лет назад

An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.

CVE-2021-25284

CVSS3: 4.4

nvd

почти 5 лет назад

An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.

CVE-2021-25284

CVSS3: 4.4

debian

почти 5 лет назад

An issue was discovered in through SaltStack Salt before 3002.5. salt. ...

GHSA-r55w-xph5-xvx2

CVSS3: 4.4

github

больше 3 лет назад

SaltStack Salt Cleartext Storage of Sensitive Information via cmdmod

openSUSE-SU-2021:0347-1

suse-cvrf

почти 5 лет назад

Security update for salt

4.1 Medium

CVSS3