Showing 1 - 3 of 3

CVE-2018-1000060

Status Candidate

Overview

Sensu, Inc. Sensu Core version Before 1.2.0 & before commit 46ff10023e8cbf1b6978838f47c51b20b98fe30b contains a CWE-522 vulnerability in Sensu::Utilities.redact_sensitive() that can result in sensitive configuration data (e.g. passwords) may be logged in clear-text. This attack appear to be exploitable via victims with configuration matching a specific pattern will observe sensitive data outputted in their service log files. This vulnerability appears to have been fixed in 1.2.1 and later, after commit 46ff10023e8cbf1b6978838f47c51b20b98fe30b.

Related Files

Red Hat Security Advisory 2018-1606-01: Posted May 17, 2018; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2018-1606-01 - Sensu is a monitoring framework that aims to be simple, malleable, and scalable. Security fix: Sensu's redaction function fails to handle the redaction of sensitive data in deeply nested data structures, resulting in sensitive data, such as passwords, being logged in clear-text. For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section. Issues addressed include a failed redaction issue.; tags | advisory; systems | linux, redhat; advisories | CVE-2018-1000060; SHA-256 | 45e99473cc6898aca3f57360cc0eb1aacd5d41ec12447f5148adf26ed2382d7e; Download | Favorite | View

Red Hat Security Advisory 2018-1112-01: Posted Apr 11, 2018; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2018-1112-01 - Sensu is a monitoring framework that aims to be simple, malleable, and scalable. Issues addressed include information disclosure.; tags | advisory, info disclosure; systems | linux, redhat; advisories | CVE-2018-1000060; SHA-256 | 5374ea2480df2c3d37336f459b60d7cb57cc30a446d2e0b1aeb1aedfc1e20bcd; Download | Favorite | View

Red Hat Security Advisory 2018-0616-01: Posted Mar 29, 2018; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2018-0616-01 - Sensu is a monitoring framework that aims to be simple, malleable, and scalable. Issues addressed include a password exposure vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2018-1000060; SHA-256 | 2d620761afe48f2449624bf989529b12a8d4d286e57a07c1d1804822b1f9a517; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 305 files
Ubuntu 67 files
Debian 23 files
Gentoo 8 files
LiquidWorm 6 files
Apple 5 files
Google Security Research 5 files
Spencer McIntyre 3 files
Ivan Fratric 3 files
Jann Horn 2 files

File Archives

Systems

AIX (430)
Apple (2,133)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,177)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,160)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,495)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,025)
UNIX (9,482)
UnixWare (188)
Windows (6,786)
Other

CVE-2018-1000060

Overview

Related Files

File Archive:

December 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems