6 matches found
CVE-2024-32474
Sentry is an error tracking and performance monitoring platform. Prior to 24.4.1, when authenticating as a superuser to Sentry with a username and password, the password is leaked as cleartext in logs under the event: auth-index.validatesuperuser. An attacker with access to the log data could use...
CVE-2024-32474 Sentry's superuser cleartext password leaked in logs
Sentry is an error tracking and performance monitoring platform. Prior to 24.4.1, when authenticating as a superuser to Sentry with a username and password, the password is leaked as cleartext in logs under the event: auth-index.validatesuperuser. An attacker with access to the log data could use...
CVE-2024-32474
Sentry vulnerability CVE-2024-32474: Before 24.4.1, authenticating as a superuser with a username and password leaks the password in logs under the event event : auth-index.validate_superuser. An attacker with access to the log data could use these credentials to log in as superuser. Affected are...
PT-2024-24600 · Sentry · Sentry
Name of the Vulnerable Software and Affected Versions: Sentry versions prior to 24.4.1 Description: Sentry is an error tracking and performance monitoring platform. When authenticating as a superuser to Sentry with a username and password, the password is leaked as cleartext in logs under the eve...
CVE-2022-28812 Use of Hard-coded Credentials in UWP3.0 allows SuperUser authentication bypass in Car Park Server.
In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of hard-coded credentials to gain SuperUser access to the device...
CVE-2022-28812 Use of Hard-coded Credentials in UWP3.0 allows SuperUser authentication bypass in Car Park Server.
In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of hard-coded credentials to gain SuperUser access to the device...