In Spring Vault, versions 3.0.x before 3.0.2 and versions 2.3.x before 2.3.3 and older versions, an application is vulnerable to insertion of sensitive information into a log file when it attempts to revoke a Vault batch token.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
vmware spring vault |
||
vmware spring cloud vault 4.0.0 |
||
vmware spring cloud config |
||
vmware spring cloud vault |