EPSS
Percentile
12.6%
mistal-lib is vulnerable to information disclosure. Confidential data such as user provided and generated passwords, certificates, ssh keys etc. from the TripleO heat stack is disclosed in plaintext in th emistral logs on the undercloud.
bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3866
launchpadlibrarian.net/449472809/0001-Ensure-we-mask-sensitive-data-from-Mistral-Action-lo.patch