Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
NeuVector process with sensitive arguments lead to leakage
Vulnerability Description
When a Java command with password parameters is executed and terminated by NeuVector for Process rule violation the password will appear in the NeuVector security event log.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
不充分的凭证保护机制
Vulnerability Title
NeuVector 安全漏洞
Vulnerability Description
NeuVector是美国NeuVector公司的一套端到端的容器安全平台。该平台包括图像漏洞管理、准入控制和容器进程/文件系统保护等功能。 NeuVector存在安全漏洞,该漏洞源于执行带有密码参数的Java命令时,密码会出现在安全事件日志中,可能导致敏感信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A