CVE-2023-50740 Vulnerability Details

  /     /     /  

CVE-2023-50740 Metadata Quick Info

CVE Published: 06/03/2024 | CVE Updated: 08/11/2024 | CVE Year: 2023
Source: apache | Vendor: Apache Software Foundation | Product: Apache Linkis DataSource
Status : PUBLISHED

---

CVE-2023-50740 Description

In Apache Linkis <=1.4.0, The password is printed to the log when using the Oracle data source of the Linkis data source module.  We recommend users upgrade the version of Linkis to version 1.5.0

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-532
CWE Name: CWE-532 Insertion of Sensitive Information into Log File
Source: Apache Software Foundation

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).