CVE-2018-16889
HIGH7.5EPSS 0.07%發布日:2019/1/28修改日:2026/4/28
描述
Ceph does not properly sanitize encryption keys in debug logging for v4 auth. This results in the leaking of encryption key information in log files via plaintext. Versions up to v13.2.4 are vulnerable.
受影響套件(1)
- Debian/cephfrom 0, < 12.2.11+dfsg1-1
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.5 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |