CVE-2019-14825 – katello: registry credentials are captured in plain text during repository discovery
https://notcve.org/view.php?id=CVE-2019-14825
A cleartext password storage issue was discovered in Katello, versions 3.x.x.x before katello 3.12.0.9. Registry credentials used during container image discovery were inadvertently logged without being masked. This flaw could expose the registry credentials to other privileged users. Se detectó un problema de almacenamiento de contraseña en texto sin cifrar en Katello, versiones 3.x.x.x anteriores a katello 3.12.0.9. Las credenciales de registro utilizadas durante la detección de imágenes del contenedor se registraron inadvertidamente sin enmascararse. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14825 https://access.redhat.com/security/cve/CVE-2019-14825 https://bugzilla.redhat.com/show_bug.cgi?id=1739485 • CWE-312: Cleartext Storage of Sensitive Information •