CVE-2020-10750

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-10750

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-10750.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-10750

Aliases

Related

CGA-r3m6-j9rf-6qrg

Withdrawn

2024-05-15T05:33:50.735877Z

Published

2020-06-19T20:15:12Z

Modified

2024-08-21T15:58:35.347100Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

Sensitive information written to a log file vulnerability was found in jaegertracing/jaeger before version 1.18.1 when the Kafka data store is used. This flaw allows an attacker with access to the container's log file to discover the Kafka credentials.

References

Affected packages

Git / github.com/jaegertracing/jaeger

Affected ranges

Type: GIT
Repo: https://github.com/jaegertracing/jaeger
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

126701a4650325080f36e4a4fd8d8e6fd95023c1

Affected versions

v0.*

v0.5.0

v0.5.1

v0.5.2

v0.6.0

v0.7.0

v0.8.0

v0.9.0

v1.*

v1.0.0

v1.1.0

v1.10.0

v1.10.1

v1.11.0

v1.12.0

v1.13.0

v1.13.1

v1.14.0

v1.15.0

v1.15.1

v1.16.0

v1.17.0

v1.18.0

v1.2.0

v1.3.0

v1.4.0

v1.4.1

v1.5.0

v1.6.0

v1.7.0

v1.8.0

v1.9.0