Lucene search

K
osvGoogleOSV:CVE-2018-1000060
HistoryFeb 09, 2018 - 11:29 p.m.

CVE-2018-1000060

2018-02-0923:29:02
Google
osv.dev
4

9.6 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

77.8%

Sensu, Inc. Sensu Core version Before 1.2.0 & before commit 46ff10023e8cbf1b6978838f47c51b20b98fe30b contains a CWE-522 vulnerability in Sensu::Utilities.redact_sensitive() that can result in sensitive configuration data (e.g. passwords) may be logged in clear-text. This attack appear to be exploitable via victims with configuration matching a specific pattern will observe sensitive data outputted in their service log files. This vulnerability appears to have been fixed in 1.2.1 and later, after commit 46ff10023e8cbf1b6978838f47c51b20b98fe30b.

9.6 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

77.8%