Lucene search
ApacheCVELIST:CVE-2021-34797HistoryJan 04, 2022 - 8:55 a.m.
CVE-2021-34797 Apache Geode project log file redaction of sensitive information vulnerability
2022-01-0408:55:20
CWE-532
apache
www.cve.org
4
cve-2021-34797
apache geode
log file redaction
sensitive information
vulnerability
Apache Geode versions up to 1.12.4 and 1.13.4 are vulnerable to a log file redaction of sensitive information flaw when using values that begin with characters other than letters or numbers for passwords and security properties with the prefix “sysprop-”, “javax.net.ssl”, or “security-”. This issue is fixed by overhauling the log file redaction in Apache Geode versions 1.12.5, 1.13.5, and 1.14.0.
CNA Affected
[
{
"product": "Apache Geode",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "1.12.4",
"status": "affected",
"version": "Apache Geode",
"versionType": "custom"
}
]
}
]Related
osv
osv
Insertion of Sensitive Information into Log File in Apache Geode
2022-01-06 22:23:25
CVE-2021-34797
2022-01-04 09:15:07
prion
prion
Design/Logic Flaw
2022-01-04 09:15:00
github
github
Insertion of Sensitive Information into Log File in Apache Geode
2022-01-06 22:23:25
nvd
nvd
CVE-2021-34797
2022-01-04 09:15:07
cve
cve
CVE-2021-34797
2022-01-04 09:15:07
veracode
veracode
Information Disclosure
2022-01-05 04:12:23
cnvd
cnvd
Apache Geode Injection Vulnerability
2022-01-07 00:00:00