0.002 Low
EPSS
Percentile
52.5%
It was found that Ceph RGW did not properly sanitize encryption keys in debug logging for v4 auth. Encryption keys could be inadvertently disclosed when sharing debug logs.
bugzilla.redhat.com/show_bug.cgi?id=1665334
nvd.nist.gov/vuln/detail/CVE-2018-16889
www.cve.org/CVERecord?id=CVE-2018-16889