Log File Exposure: Unauthorized Access to Kafka Credentials in Jaeger Tracing

Log File Exposure: Unauthorized Access to Kafka Credentials in Jaeger Tracing

CVE-2020-10750 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Sensitive information written to a log file vulnerability was found in jaegertracing/jaeger before version 1.18.1 when the Kafka data store is used. This flaw allows an attacker with access to the container's log file to discover the Kafka credentials.

Learn more about our Web Application Penetration Testing UK.