CVE-2019-14825

Severity CVSS v4.0:
Pending analysis
Type:
CWE-312 Cleartext Storage of Sensitive Information
Publication date:
25/11/2019
Last modified:
12/02/2023

Description

A cleartext password storage issue was discovered in Katello, versions 3.x.x.x before katello 3.12.0.9. Registry credentials used during container image discovery were inadvertently logged without being masked. This flaw could expose the registry credentials to other privileged users.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:theforeman:katello:*:*:*:*:*:*:*:* 3.0.0.0 (including) 3.12.0.9 (excluding)


References to Advisories, Solutions, and Tools