| |
Vulnerability CVE-2019-14825
Published: 2019-11-25 Modified: 2019-11-29
| Description: |
A cleartext password storage issue was discovered in Katello, versions 3.x.x.x before katello 3.12.0.9. Registry credentials used during container image discovery were inadvertently logged without being masked. This flaw could expose the registry credentials to other privileged users. |
Type:
CWE-319 (Cleartext Transmission of Sensitive Information)
CVSS2 => (AV:N/AC:L/Au:S/C:P/I:N/A:N)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
4/10 |
2.9/10 |
8/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
Single time |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
None |
None |
References: |
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14825
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
