Back to search
CVE-2020-1928
Published: Jan 28, 2020
Modified: Aug 4, 2024
PUBLISHED
Description
An information disclosure vulnerability was found in Apache NiFi 1.10.0. The sensitive parameter parser would log parsed values for debugging purposes. This would expose literal values entered in a sensitive property when no parameter was present.
| Vendor | Product | Versions |
|---|---|---|
Apache Software Foundation | Apache NiFi | affected Apache NiFi 1.10.0 |
References
https://nifi.apache.org/security.html#CVE-2020-1928
x_refsource_CONFIRM
[tomcat-users] 20200302 Re: AW: [SECURITY] CVE-2020-1938 AJP Request Injection and potentialRemote Code Execution
mailing-list
x_refsource_MLIST
[tomcat-users] 20200302 AW: [SECURITY] CVE-2020-1938 AJP Request Injection and potentialRemote Code Execution
mailing-list
x_refsource_MLIST
[tomcat-users] 20200302 Re: [SECURITY] CVE-2020-1938 AJP Request Injection and potential Remote Code Execution
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now