CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2016-0898

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0770%
EPSS Percentile20.46th
Published2018年3月29日
Last Modified2024年11月21日

Vulnerability Description

MySQL for PCF tiles 1.7.x before 1.7.10 were discovered to log the AWS access key in plaintext. These credentials were logged to the Service Backup component logs, and not the system log, thus were not exposed outside the Service Backup VM.

Affected Platforms (CPE)

📦
Vmware

Pivotal Software Mysql

= 1.7.0
📦
Vmware

Pivotal Software Mysql

= 1.7.0.1
📦
Vmware

Pivotal Software Mysql

= 1.7.0.2
📦
Vmware

Pivotal Software Mysql

= 1.7.0.3
📦
Vmware

Pivotal Software Mysql

= 1.7.0.4
📦
Vmware

Pivotal Software Mysql

= 1.7.1
📦
Vmware

Pivotal Software Mysql

= 1.7.2
📦
Vmware

Pivotal Software Mysql

= 1.7.3
📦
Vmware

Pivotal Software Mysql

= 1.7.4
📦
Vmware

Pivotal Software Mysql

= 1.7.5
📦
Vmware

Pivotal Software Mysql

= 1.7.6
📦
Vmware

Pivotal Software Mysql

= 1.7.7
📦
Vmware

Pivotal Software Mysql

= 1.7.8
📦
Vmware

Pivotal Software Mysql

= 1.7.9

References & Advisories

🔗 http://www.securityfocus.com/bid/95146
🔗 https://pivotal.io/security/cve-2016-0898
🔗 http://www.securityfocus.com/bid/95146
🔗 https://pivotal.io/security/cve-2016-0898

相關漏洞威脅

CVE-2016-193110.0

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial...

CVE-2016-134310.0

The XML parser in Cisco Information Server (CIS) 6.2 allows remote attackers to read arbitrary files or cause a denial of service ...

CVE-2016-198510.0

HPE Operations Manager 8.x and 9.0 on Windows allows remote attackers to execute arbitrary commands via a crafted serialized Java ...

CVE-2016-478710.0

Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r10, and 7.4 before 7.4r13.4 allow remote attackers t...