10
CVE-2016-0898
- EPSS 0.31%
- Published 29.03.2018 22:29:00
- Last modified 21.11.2024 02:42:35
- Source security_alert@emc.com
- Teams watchlist Login
- Open Login
MySQL for PCF tiles 1.7.x before 1.7.10 were discovered to log the AWS access key in plaintext. These credentials were logged to the Service Backup component logs, and not the system log, thus were not exposed outside the Service Backup VM.
Data is provided by the National Vulnerability Database (NVD)
VMware ≫ Pivotal Software Mysql Version1.7.0 SwPlatformpcf_tiles
VMware ≫ Pivotal Software Mysql Version1.7.0.1 SwPlatformpcf_tiles
VMware ≫ Pivotal Software Mysql Version1.7.0.2 SwPlatformpcf_tiles
VMware ≫ Pivotal Software Mysql Version1.7.0.3 SwPlatformpcf_tiles
VMware ≫ Pivotal Software Mysql Version1.7.0.4 SwPlatformpcf_tiles
VMware ≫ Pivotal Software Mysql Version1.7.1 SwPlatformpcf_tiles
VMware ≫ Pivotal Software Mysql Version1.7.2 SwPlatformpcf_tiles
VMware ≫ Pivotal Software Mysql Version1.7.3 SwPlatformpcf_tiles
VMware ≫ Pivotal Software Mysql Version1.7.4 SwPlatformpcf_tiles
VMware ≫ Pivotal Software Mysql Version1.7.5 SwPlatformpcf_tiles
VMware ≫ Pivotal Software Mysql Version1.7.6 SwPlatformpcf_tiles
VMware ≫ Pivotal Software Mysql Version1.7.7 SwPlatformpcf_tiles
VMware ≫ Pivotal Software Mysql Version1.7.8 SwPlatformpcf_tiles
VMware ≫ Pivotal Software Mysql Version1.7.9 SwPlatformpcf_tiles
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.31% | 0.511 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 3.9 | 6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-532 Insertion of Sensitive Information into Log File
The product writes sensitive information to a log file.