Vulnerability report: SMTP credentials in cleartext in log file #42

rommelfs · 2019-07-18T06:27:41Z

from /tmp/console.log:

2019-07-16 23:44:31.904  INFO 3082 --- [ool-20-thread-7] c.i.c.c.c.s.ExternalProcessService       :   "mail": {
2019-07-16 23:44:31.904  INFO 3082 --- [ool-20-thread-7] c.i.c.c.c.s.ExternalProcessService       :     "host": "localhost",
2019-07-16 23:44:31.905  INFO 3082 --- [ool-20-thread-7] c.i.c.c.c.s.ExternalProcessService       :     "port": "25",
2019-07-16 23:44:31.905  INFO 3082 --- [ool-20-thread-7] c.i.c.c.c.s.ExternalProcessService       :     "username": "username",
2019-07-16 23:44:31.906  INFO 3082 --- [ool-20-thread-7] c.i.c.c.c.s.ExternalProcessService       :     "password": "password",
[...]

The text was updated successfully, but these errors were encountered:

intrasoft-rmalik assigned thanosa75 Jul 25, 2019

intrasoft-rmalik added needs triage to be researched and removed needs triage labels Jul 25, 2019

thanosa75 added bug Something isn't working and removed to be researched labels Aug 6, 2019

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Vulnerability report: SMTP credentials in cleartext in log file #42

Vulnerability report: SMTP credentials in cleartext in log file #42

rommelfs commented Jul 18, 2019

Vulnerability report: SMTP credentials in cleartext in log file #42

Vulnerability report: SMTP credentials in cleartext in log file #42

Comments

rommelfs commented Jul 18, 2019