CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-19786
https://notcve.org/view.php?id=CVE-2018-19786
05 Dec 2018 — HashiCorp Vault before 1.0.0 writes the master key to the server log in certain unusual or misconfigured scenarios in which incorrect data comes from the autoseal mechanism without an error being reported. HashiCorp Vault en versiones anteriores a la 1.0.0 escribe la clave maestra en el registro del servidor en ciertos escenarios inusuales o mal configurados, en los cuales los datos incorrectos provienen del mecanismo de autosellado sin que se reporte un error. • https://github.com/hashicorp/vault/blob/master/CHANGELOG.md#100-december-3rd-2018 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2015-5711
https://notcve.org/view.php?id=CVE-2015-5711
29 Sep 2015 — TIBCO Managed File Transfer Internet Server before 7.2.5, Managed File Transfer Command Center before 7.2.5, Slingshot before 1.9.4, and Vault before 2.0.1 allow remote authenticated users to obtain sensitive information via a crafted HTTP request. Vulnerabilidad en TIBCO Managed File Transfer Internet Server en versiones anteriores a 7.2.5, Managed File Transfer Command Center en versiones anteriores a 7.2.5, Slingshot en versiones anteriores a 1.9.4 y Vault en versiones anteriores a 2.0.1, permite a usuar... • http://www.securitytracker.com/id/1033678 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.1EPSS: 0%CPEs: 4EXPL: 0CVE-2014-7194
https://notcve.org/view.php?id=CVE-2014-7194
21 Nov 2014 — TIBCO Managed File Transfer Internet Server before 7.2.4, Managed File Transfer Command Center before 7.2.4, Slingshot before 1.9.3, and Vault before 1.1.1 allow remote attackers to obtain sensitive information or modify data by leveraging agent access. TIBCO Managed File Transfer Internet Server anterior a 7.2.4, Managed File Transfer Command Center anterior a 7.2.4, Slingshot anterior a 1.9.3, y Vault anterior a 1.1.1 permite a atacantes remotos obtener información sensible o modificar datos aprovechandos... • http://www.tibco.com/assets/blt7454ec3ae638d8c4/mft-advisory-20141029-008.txt • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 17EXPL: 0CVE-2014-2545
https://notcve.org/view.php?id=CVE-2014-2545
30 Apr 2014 — TIBCO Managed File Transfer Internet Server before 7.2.2, Managed File Transfer Command Center before 7.2.2, Slingshot before 1.9.1, and Vault before 1.0.1 allow remote attackers to obtain sensitive information via a crafted HTTP request. TIBCO Managed File Transfer Internet Server anterior a 7.2.2, Managed File Transfer Command Center anterior a 7.2.2, Slingshot anterior a 1.9.1 y Vault anterior a 1.0.1 permiten a atacantes remotos obtener información sensible a través de una solicitud HTTP manipulada. • http://www.tibco.com/mk/advisory.jsp • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •