Sensitive Information Exposure in brbackup Gem

Sensitive Information Exposure in brbackup Gem

CVE-2014-5004 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

lib/brbackup.rb in the brbackup gem 0.1.1 for Ruby places the database password on the mysql command line, which allows local users to obtain sensitive information by listing the process.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.