CyberSec.Space Logo
返回 CVE 浏览器

CVE-2021-31816

HIGH
7.5
CVSS Severity Score
EPSS Score0.1470%
EPSS Percentile21.94th
Published2021年7月8日
Last Modified2024年11月21日

Vulnerability Description

When configuring Octopus Server if it is configured with an external SQL database, on initial configuration the database password is written to the OctopusServer.txt log file in plaintext.

Affected Platforms (CPE)

📦
Octopus

Server

< 2020.6.5146
📦
Octopus

Server

>= 2021.1.0 and < 2021.1.7316

References & Advisories

🔗 https://advisories.octopus.com/adv/2021-05---Cleartext-Storage-of-Sensitive-Information-%28CVE-2021-31816%29.2121793537.html
🔗 https://advisories.octopus.com/adv/2021-05---Cleartext-Storage-of-Sensitive-Information-%28CVE-2021-31816%29.2121793537.html

相关漏洞威胁

CVE-2017-1013710.0

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: JNDI). Supported versions that ar...

CVE-2017-1290510.0

Server Side Request Forgery vulnerability in Vebto Pixie Image Editor 1.4 and 1.7 allows remote attackers to disclose information ...

CVE-2017-234310.0

The Integrated User Firewall (UserFW) feature was introduced in Junos OS version 12.1X47-D10 on the Juniper SRX Series devices to ...

CVE-2017-1129110.0

An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A Server-Side Request Forgery (SSRF) vulnerability exists tha...