CVE-2021-31817

When configuring Octopus Server if it is configured with an external SQL database, on initial configuration the database password is written to the OctopusServer.txt log file in plaintext...

IBM Tivoli Directory Server ldapinst.log DB2 Admin Password Disclosure

The remote installation of Tivoli Directory Server created a file called 'ldapinst.log' that contains the login and password of the IBM DB2 database used for this service. An attacker who could get access to this file or a backup of it would be able to log into the DB2 database and modify its...