CVE-2016-0898

MySQL for PCF tiles 1.7.x before 1.7.10 were discovered to log the AWS access key in plaintext. These credentials were logged to the Service Backup component logs, and not the system log, thus were not exposed outside the Service Backup VM.
References
Link Resource
https://pivotal.io/security/cve-2016-0898 Vendor Advisory
http://www.securityfocus.com/bid/95146 Third Party Advisory VDB Entry
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:vmware:pivotal_software_mysql:1.7.0:*:*:*:*:pcf_tiles:*:*
cpe:2.3:a:vmware:pivotal_software_mysql:1.7.0.1:*:*:*:*:pcf_tiles:*:*
cpe:2.3:a:vmware:pivotal_software_mysql:1.7.0.2:*:*:*:*:pcf_tiles:*:*
cpe:2.3:a:vmware:pivotal_software_mysql:1.7.0.3:*:*:*:*:pcf_tiles:*:*
cpe:2.3:a:vmware:pivotal_software_mysql:1.7.0.4:*:*:*:*:pcf_tiles:*:*
cpe:2.3:a:vmware:pivotal_software_mysql:1.7.1:*:*:*:*:pcf_tiles:*:*
cpe:2.3:a:vmware:pivotal_software_mysql:1.7.2:*:*:*:*:pcf_tiles:*:*
cpe:2.3:a:vmware:pivotal_software_mysql:1.7.3:*:*:*:*:pcf_tiles:*:*
cpe:2.3:a:vmware:pivotal_software_mysql:1.7.4:*:*:*:*:pcf_tiles:*:*
cpe:2.3:a:vmware:pivotal_software_mysql:1.7.5:*:*:*:*:pcf_tiles:*:*
cpe:2.3:a:vmware:pivotal_software_mysql:1.7.6:*:*:*:*:pcf_tiles:*:*
cpe:2.3:a:vmware:pivotal_software_mysql:1.7.7:*:*:*:*:pcf_tiles:*:*
cpe:2.3:a:vmware:pivotal_software_mysql:1.7.8:*:*:*:*:pcf_tiles:*:*
cpe:2.3:a:vmware:pivotal_software_mysql:1.7.9:*:*:*:*:pcf_tiles:*:*

Information

Published : 2018-03-29 15:29

Updated : 2021-09-09 10:33


NVD link : CVE-2016-0898

Mitre link : CVE-2016-0898


JSON object : View

CWE
CWE-255

Credentials Management Errors

CWE-532

Insertion of Sensitive Information into Log File

Advertisement

dedicated server usa

Products Affected

vmware

  • pivotal_software_mysql