A cleartext password storage issue was discovered in Katello, versions 3.x.x.x before katello 3.12.0.9. Registry credentials used during container image discovery were inadvertently logged without being masked. This flaw could expose the registry credentials to other privileged users.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14825 | Issue Tracking Third Party Advisory |
Configurations
History
12 Feb 2023, 23:34
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | A cleartext password storage issue was discovered in Katello, versions 3.x.x.x before katello 3.12.0.9. Registry credentials used during container image discovery were inadvertently logged without being masked. This flaw could expose the registry credentials to other privileged users. |
02 Feb 2023, 15:17
Type | Values Removed | Values Added |
---|---|---|
Summary | A cleartext password storage issue was discovered in Katello. Registry credentials used during container image discovery were inadvertently logged without being masked. This flaw could expose the registry credentials to other privileged users. | |
References |
|
29 Oct 2021, 15:09
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-312 |
Information
Published : 2019-11-25 16:15
Updated : 2023-12-10 13:13
NVD link : CVE-2019-14825
Mitre link : CVE-2019-14825
CVE.ORG link : CVE-2019-14825
JSON object : View
Products Affected
theforeman
- katello
CWE
CWE-312
Cleartext Storage of Sensitive Information