An information disclosure vulnerability was found in Apache NiFi 1.10.0. The sensitive parameter parser would log parsed values for debugging purposes. This would expose literal values entered in a sensitive property when no parameter was present.
References
Configurations
History
07 Nov 2023, 03:19
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2020-01-28 01:15
Updated : 2024-02-28 17:28
NVD link : CVE-2020-1928
Mitre link : CVE-2020-1928
CVE.ORG link : CVE-2020-1928
JSON object : View
Products Affected
apache
- nifi
CWE
CWE-532
Insertion of Sensitive Information into Log File