Today > | 4 Medium | 2 Low vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-0006

July 19, 2024, 3:15 p.m.

Product(s) Impacted

Yugabyte Platform

Description

Information exposure in the logging system in Yugabyte Platform allows local attackers with access to application logs to obtain database user credentials in log files, potentially leading to unauthorized database access.

Weaknesses

CWE-532
Insertion of Sensitive Information into Log File

Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.

CWE ID: 532

Date

Published: July 19, 2024, 3:15 p.m.

Last Modified: July 19, 2024, 3:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

security@yugabyte.com

References

https://github.com/ security@yugabyte.com

https://github.com/ security@yugabyte.com

https://github.com/ security@yugabyte.com