VYPR
Unrated severityNVD Advisory· Published Oct 2, 2020· Updated Sep 17, 2024

UAA password may appear in BOSH System Metrics Server process arguments

CVE-2020-5422

Description

BOSH System Metrics Server releases prior to 0.1.0 exposed the UAA password as a flag to a process running on the BOSH director. It exposed the password to any user or process with access to the same VM (through ps or looking at process details).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.