12 matches found
EUVD-2023-44925
Malicious code in bioql PyPI...
CVE-2023-40354
An issue was discovered in MariaDB MaxScale before 23.02.3. A user enters an encrypted password on a "maxctrl create service" command line, but this password is then stored in cleartext in the resulting .cnf file under /var/lib/maxscale/maxscale.cnf.d. The fixed versions are 2.5.28, 6.4.9, 22.08....
The vulnerability of the `var/lib/maxscale/maxscale.cnf.d` component, which is related to the MariaDB MaxScale proxy server, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the var/lib/maxscale/maxscale.cnf.d component of the MariaDB MaxScale proxy server is related to the lack of data encryption measures. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information...
CVE-2023-40354
An issue was discovered in MariaDB MaxScale before 23.02.3. A user enters an encrypted password on a "maxctrl create service" command line, but this password is then stored in cleartext in the resulting .cnf file under /var/lib/maxscale/maxscale.cnf.d. The fixed versions are 2.5.28, 6.4.9, 22.08....
CVE-2023-40354
An issue was discovered in MariaDB MaxScale before 23.02.3. A user enters an encrypted password on a "maxctrl create service" command line, but this password is then stored in cleartext in the resulting .cnf file under /var/lib/maxscale/maxscale.cnf.d. The fixed versions are 2.5.28, 6.4.9, 22.08....
CVE-2023-40354
An issue was discovered in MariaDB MaxScale before 23.02.3. A user enters an encrypted password on a "maxctrl create service" command line, but this password is then stored in cleartext in the resulting .cnf file under /var/lib/maxscale/maxscale.cnf.d. The fixed versions are 2.5.28, 6.4.9, 22.08....
Design/Logic Flaw
An issue was discovered in MariaDB MaxScale before 23.02.3. A user enters an encrypted password on a "maxctrl create service" command line, but this password is then stored in cleartext in the resulting .cnf file under /var/lib/maxscale/maxscale.cnf.d. The fixed versions are 2.5.28, 6.4.9, 22.08....
CVE-2023-40354
An issue was discovered in MariaDB MaxScale before 23.02.3. A user enters an encrypted password on a "maxctrl create service" command line, but this password is then stored in cleartext in the resulting .cnf file under /var/lib/maxscale/maxscale.cnf.d. The fixed versions are 2.5.28, 6.4.9, 22.08....
CVE-2023-40354
An issue was discovered in MariaDB MaxScale before 23.02.3. A user enters an encrypted password on a "maxctrl create service" command line, but this password is then stored in cleartext in the resulting .cnf file under /var/lib/maxscale/maxscale.cnf.d. The fixed versions are 2.5.28, 6.4.9, 22.08....
CVE-2023-40354
Affected software: MariaDB MaxScale. Vulnerability details: When a user runs “maxctrl create service” and enters an encrypted password, the password is stored in cleartext in the generated /var/lib/maxscale/maxscale.cnf.d/.cnf file. Root cause/impact: This leaks credentials and can result in unau...
MariaDB Security Vulnerabilities
MariaDB is a free and open source database management system from the Mariadb Foundation and a forked version of MySQL with the Maria storage engine. A security vulnerability exists in MariaDB MaxScale versions prior to 23.02.3, which stems from the fact that passwords are stored in plaintext in...
PT-2023-4394 · Mariadb · Mariadb Maxscale
Name of the Vulnerable Software and Affected Versions: MariaDB MaxScale versions prior to 2.5.28 MariaDB MaxScale versions prior to 6.4.9 MariaDB MaxScale versions prior to 22.08.8 MariaDB MaxScale versions prior to 23.02.3 Description: An issue was discovered in MariaDB MaxScale where a user...