Insecure Password Handling in lean-ruport Gem's tc_database.rb
CVE-2014-4998 · LOW Severity
AV:L/AC:L/AU:N/C:P/I:N/A:N
test/tc_database.rb in the lean-ruport gem 0.3.8 for Ruby places the mysql user password on the mysqldump command line, which allows local users to obtain sensitive information by listing the process.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.