Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Sensitive information written to a log file vulnerability was found in jaegertracing/jaeger before version 1.18.1 when the Kafka data store is used. This flaw allows an attacker with access to the container's log file to discover the Kafka credentials.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
通过日志文件的信息暴露
Vulnerability Title
jaegertracing/jaeger 日志信息泄露漏洞
Vulnerability Description
Jaeger是美国Linux基金会发布的一款开源的分布式系统监控服务,它主要用于监视分布式系统中的事务并进行故障排除等。 jaegertracing/jaeger 1.18.1之前版本中存在日志信息泄露漏洞。攻击者可通过访问容器的日志文件利用该漏洞获取Kafka凭据。
CVSS Information
N/A
Vulnerability Type
N/A