MySQL for PCF tiles 1.7.x before 1.7.10 were discovered to log the AWS access key in plaintext. These credentials were logged to the Service Backup component logs, and not the system log, thus were not exposed outside the Service Backup VM.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HVMware Pivotal Software MySQL
APPVmware1.7.01.7.0.11.7.0.21.7.0.31.7.0.41.7.11.7.21.7.31.7.41.7.51.7.61.7.71.7.81.7.9
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Powiązane podatności
CVE-2025-22224CRITICAL9.3⚠ KEVPL ✓ten sam vendor
VMware ESXi/Workstation: TOCTOU umożliwia ucieczkę z VM przez VMX process
CVE-2024-38812CRITICAL9.8⚠ KEVPL ✓ten sam vendor
VMware vCenter Server — heap-overflow w DCERPC umożliwia RCE
CVE-2024-37079CRITICAL9.8⚠ KEVPL ✓ten sam vendor
Heap overflow w VMware vCenter Server via protokół DCERPC — RCE
CVE-2023-34048CRITICAL9.8⚠ KEVten sam vendor
vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A m...
CVE-2023-20887CRITICAL9.8⚠ KEVten sam vendor
Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access...