mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
1 line
1.3 KiB
JSON
1 line
1.3 KiB
JSON
|
{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/sensu/sensu/issues/1804"},{"url": "https://github.com/sensu/sensu/pull/1810"}]},"description": {"description_data": [{"lang": "eng","value": "Sensu, Inc. Sensu Core version Before 1.2.0 & before commit 46ff10023e8cbf1b6978838f47c51b20b98fe30b contains a CWE-522 vulnerability in Sensu::Utilities.redact_sensitive() that can result in sensitive configuration data (e.g. passwords) may be logged in clear-text. This attack appear to be exploitable via victims with configuration matching a specific pattern will observe sensitive data outputted in their service log files. This vulnerability appears to have been fixed in 1.2.1 and later, after commit 46ff10023e8cbf1b6978838f47c51b20b98fe30b."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "Before 1.2.0 & before commit 46ff10023e8cbf1b6978838f47c51b20b98fe30b"}]},"product_name": "Sensu Core"}]},"vendor_name": "Sensu, Inc."}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2/6/2018 17:07:21","ID": "CVE-2018-1000060","ASSIGNER": "kurt@seifried.org","REQUESTER": "justin@sensu.io"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-522"}]}]}}
|