Vulnerability Description
Information exposure in the logging system in Yugabyte Platform allows local attackers with access to application logs to obtain database user credentials in log files, potentially leading to unauthorized database access.
Related Weaknesses (CWE)
References
- https://github.com/yugabyte/yugabyte-db/commit/439c6286f1971f9ac6bff2c7215b454c2
- https://github.com/yugabyte/yugabyte-db/commit/5cc7f4e15d6ccccbf97c57946fd0aa630
- https://github.com/yugabyte/yugabyte-db/commit/d96e6b629f34d065b47204daeeb44064e
- https://github.com/yugabyte/yugabyte-db/commit/439c6286f1971f9ac6bff2c7215b454c2
- https://github.com/yugabyte/yugabyte-db/commit/5cc7f4e15d6ccccbf97c57946fd0aa630
- https://github.com/yugabyte/yugabyte-db/commit/d96e6b629f34d065b47204daeeb44064e
FAQ
What is CVE-2024-0006?
CVE-2024-0006 is a documented vulnerability. Information exposure in the logging system in Yugabyte Platform allows local attackers with access to application logs to obtain database user credentials in log files, potentially leading to unauthor...
How severe is CVE-2024-0006?
CVSS scoring is not yet available for CVE-2024-0006. Check NVD for updates.
Is there a patch for CVE-2024-0006?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.