Sensitive Information Exposure through Command Line Arguments
CVE-2014-4993 · LOW Severity
AV:L/AC:L/AU:N/C:P/I:N/A:N
(1) lib/backup/cli/utility.rb in the backup-agoddard gem 3.0.28 and (2) lib/backup/cli/utility.rb in the backup_checksum gem 3.0.23 for Ruby place credentials on the openssl command line, which allows local users to obtain sensitive information by listing the process.
Learn more about our User Device Pen Test.