10
CVE-2016-0898
- EPSS 0.31%
- Veröffentlicht 29.03.2018 22:29:00
- Zuletzt bearbeitet 21.11.2024 02:42:35
- Quelle security_alert@emc.com
- Teams Watchlist Login
- Unerledigt Login
MySQL for PCF tiles 1.7.x before 1.7.10 were discovered to log the AWS access key in plaintext. These credentials were logged to the Service Backup component logs, and not the system log, thus were not exposed outside the Service Backup VM.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
VMware ≫ Pivotal Software Mysql Version1.7.0 SwPlatformpcf_tiles
VMware ≫ Pivotal Software Mysql Version1.7.0.1 SwPlatformpcf_tiles
VMware ≫ Pivotal Software Mysql Version1.7.0.2 SwPlatformpcf_tiles
VMware ≫ Pivotal Software Mysql Version1.7.0.3 SwPlatformpcf_tiles
VMware ≫ Pivotal Software Mysql Version1.7.0.4 SwPlatformpcf_tiles
VMware ≫ Pivotal Software Mysql Version1.7.1 SwPlatformpcf_tiles
VMware ≫ Pivotal Software Mysql Version1.7.2 SwPlatformpcf_tiles
VMware ≫ Pivotal Software Mysql Version1.7.3 SwPlatformpcf_tiles
VMware ≫ Pivotal Software Mysql Version1.7.4 SwPlatformpcf_tiles
VMware ≫ Pivotal Software Mysql Version1.7.5 SwPlatformpcf_tiles
VMware ≫ Pivotal Software Mysql Version1.7.6 SwPlatformpcf_tiles
VMware ≫ Pivotal Software Mysql Version1.7.7 SwPlatformpcf_tiles
VMware ≫ Pivotal Software Mysql Version1.7.8 SwPlatformpcf_tiles
VMware ≫ Pivotal Software Mysql Version1.7.9 SwPlatformpcf_tiles
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.31% | 0.511 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 3.9 | 6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-532 Insertion of Sensitive Information into Log File
The product writes sensitive information to a log file.