Cisco Bug: CSCvi98301 - Git1277: [dnac platform] Remote Server password & passphrase are displayed as "Clear Text" in logs
May 09, 2018
- Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM)
Known Affected Releases
Symptom: A vulnerability in logging components of Cisco DNA Center could allow an authenticated, local attacker to gain access to sensitive information. The vulnerability is due to unsafe logging of sensitive information, including credential information, within system logs. An attacker could exploit this vulnerability by viewing system logs. An exploit could allow the attacker to gain access to sensitive information and conduct further attacks. Conditions: When configuring the Backup Server settings, the remote server password and passphrase is displayed in ''Clear Text''.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases