CVE-2019-3781 – CF CLI does not sanitize user's password in verbose/trace/debug

https://notcve.org/view.php?id=CVE-2019-3781

07 Mar 2019 — Cloud Foundry CLI, versions prior to v6.43.0, improperly exposes passwords when verbose/trace/debugging is turned on. A local unauthenticated or remote authenticated malicious user with access to logs may gain part or all of a users password. Cloud Foudry CLI, en versiones anteriores a v6.43.0, expone contraseñas de manera incorrecta cuando verbose/trace/debugging está habilitado. Un usuario no autenticado o un usuario remoto autenticado malicioso con acceso a los logs podría obtener parte o toda la contras... • http://www.securityfocus.com/bid/107365 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-215: Insertion of Sensitive Information Into Debugging Code •