Plaintext Logging of AWS Access Key in MySQL for PCF Tiles 1.7.x before 1.7.10

Plaintext Logging of AWS Access Key in MySQL for PCF Tiles 1.7.x before 1.7.10

CVE-2016-0898 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

MySQL for PCF tiles 1.7.x before 1.7.10 were discovered to log the AWS access key in plaintext. These credentials were logged to the Service Backup component logs, and not the system log, thus were not exposed outside the Service Backup VM.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.