Security Advisory

CVE-2020-7196

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-10-26 15:05:48

Last updated 2024-08-04 09:25:47

Assigner hpe

State PUBLISHED

Description

The HPE BlueData EPIC Software Platform version 4.0 and HPE Ezmeral Container Platform 5.0 use an insecure method of handling sensitive Kerberos passwords that is susceptible to unauthorized interception and/or retrieval. Specifically, they display the kdc_admin_password in the source file of the url "/bdswebui/assignusers/".

← Browse all CVEs View on cve.org ↗