CVE-2020-10750

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2020-10750

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-10750.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2020-10750

Aliases

Published

2020-06-19T20:15:12.867Z

Modified

2026-04-11T22:56:47.201525Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

Sensitive information written to a log file vulnerability was found in jaegertracing/jaeger before version 1.18.1 when the Kafka data store is used. This flaw allows an attacker with access to the container's log file to discover the Kafka credentials.

References

Affected packages

Git / github.com/jaegertracing/jaeger

Affected ranges

Type

GIT

Repo

https://github.com/jaegertracing/jaeger

Events

Introduced

Fixed

126701a4650325080f36e4a4fd8d8e6fd95023c1

Database specific

{
    "source": [
        "CPE_FIELD",
        "REFERENCES"
    ],
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.18.1"
        }
    ],
    "cpe": "cpe:2.3:a:linuxfoundation:jaeger:*:*:*:*:*:*:*:*"
}

Affected versions

v0.*

v0.5.0

v0.5.1

v0.5.2

v0.6.0

v0.7.0

v0.8.0

v0.9.0

v1.*

v1.0.0

v1.1.0

v1.10.0

v1.10.1

v1.11.0

v1.12.0

v1.13.0

v1.13.1

v1.14.0

v1.15.0

v1.15.1

v1.16.0

v1.17.0

v1.18.0

v1.2.0

v1.3.0

v1.4.0

v1.4.1

v1.5.0

v1.6.0

v1.7.0

v1.8.0

v1.9.0

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-10750.json"