CVE-2019-14825
Description
A cleartext password storage issue was discovered in Katello, versions 3.x.x.x before katello 3.12.0.9. Registry credentials used during container image discovery were inadvertently logged without being masked. This flaw could expose the registry credentials to other privileged users.
Risk Information
Base Score
2.7
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
EPSS Score
Exploitation Probability
0.152
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2019-14825 are fixed in Ruby-katello 3.12.2 | Windows |
| Vulnerabilities CVE-2019-14825 are fixed in Ruby-katello for Linux 3.12.2 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234