How severe is CVE-2017-8001?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.4 out of 10.

What type of vulnerability is CVE-2017-8001?

This is classified as CWE-532, which is a common weakness in software security.

CVE-2017-8001 - HIGH Severity | CVSS 8.4

Vulnerability Description

An issue was discovered in EMC ScaleIO 2.0.1.x. In a Linux environment, one of the support scripts saves the credentials of the ScaleIO MDM user who executed the script in clear text in temporary log files. The temporary files may potentially be read by an unprivileged user with access to the server where the script was executed to recover exposed credentials.

Related Vulnerabilities

CVE-2024-42407

HIGH

CVSS:8.5(High)

Insertion of Sensitive Information into Log File (CWE-532) in the Gallagher Command Centre Alarm Transmitter feature could allow an authenticated Operator to view some security sensitive information t...

CWE-5322024

CVE-2024-29959

HIGH

CVSS:8.6(High)

A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints Brocade Fabric OS switch encrypted passwords in the Brocade SANnav Standby node's support save.

CWE-5322024

CVE-2020-10712

HIGH

CVSS:8.2(High)

A flaw was found in OpenShift Container Platform version 4.1 and later. Sensitive information was found to be logged by the image registry operator allowing an attacker able to gain access to those lo...

CWE-5322020

CVE-2024-43444

HIGH

CVSS:8.2(High)

Passwords of agents and customers are displayed in plain text in the OTRS admin log module if certain configurations regarding the authentication sources match and debugging for the authentication bac...

CWE-5322024

CVE-2025-31479

HIGH

CVSS:8.2(High)

canonical/get-workflow-version-action is a GitHub composite action to get commit SHA that GitHub Actions reusable workflow was called with. Prior to 1.0.1, if the get-workflow-version-action step fail...

CWE-5322025

CVE-2018-19786

HIGH

CVSS:8.1(High)

HashiCorp Vault before 1.0.0 writes the master key to the server log in certain unusual or misconfigured scenarios in which incorrect data comes from the autoseal mechanism without an error being repo...

CWE-5322018