Lucene search
GoogleOSV:GHSA-MW25-F5R2-HPC6HistoryJan 06, 2022 - 10:23 p.m.
Insertion of Sensitive Information into Log File in Apache Geode
2022-01-0622:23:25
Google
osv.dev
20
apache geode
sensitive information
log file
redaction flaw
passwords
security properties
sysprop
javax.net.ssl
version 1.12.5
version 1.13.5
version 1.14.0
EPSS
0.001
Percentile
51.2%
Apache Geode versions up to 1.12.4 and 1.13.4 are vulnerable to a log file redaction of sensitive information flaw when using values that begin with characters other than letters or numbers for passwords and security properties with the prefix “sysprop-”, “javax.net.ssl”, or “security-”. This issue is fixed by overhauling the log file redaction in Apache Geode versions 1.12.5, 1.13.5, and 1.14.0.
Related
cvelist
cvelist
nvd
nvd
CVE-2021-34797
2022-01-04 09:15:07
cve
cve
CVE-2021-34797
2022-01-04 09:15:07
veracode
veracode
Information Disclosure
2022-01-05 04:12:23
cnvd
cnvd
Apache Geode Injection Vulnerability
2022-01-07 00:00:00
osv
osv
CVE-2021-34797
2022-01-04 09:15:07
prion
prion
Design/Logic Flaw
2022-01-04 09:15:00
github
github
Insertion of Sensitive Information into Log File in Apache Geode
2022-01-06 22:23:25