YugabyteDB Diagnostics Information Vulnerability Allowing Exposure of Sensitive gflag Configurations

Vulnerability

A vulnerability exists in YugabyteDB that allows the collection of diagnostic information from YugabyteDB servers. This information may include sensitive gflag configurations. To address this issue, it is recommended to upgrade the database to a version where this information is properly redacted.

Impact

Exploitation of this vulnerability could lead to the unintentional exposure of sensitive configuration details, potentially allowing for informed attacks or misconfigurations.

Remediation

Users are advised to upgrade YugabyteDB to a version where sensitive diagnostic information is properly redacted. Release notes for version updates can be found on the YugabyteDB website.
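A check for diagnostic output that was collected before upgrading, added here as an example and not taken from YugabyteDB or this advisory: it scans a gflag dump in `--name=value` form for sensitive-looking flags whose values are not redacted, and produces a redacted copy for sharing. The name patterns, the redaction markers and the `example_*` flag names in the sample are assumptions.

```python
import re

# Assumption: name fragments that mark a flag as sensitive; tune for your deployment.
SENSITIVE_NAME = re.compile(r"(password|passwd|secret|token|private_key|credential)", re.I)
# Assumption: values a redacting build might emit in place of the real one.
REDACTED_VALUES = {"", "***", "REDACTED", "<redacted>"}
# gflags command-line / flagfile form: --name=value (one or two dashes).
FLAG_LINE = re.compile(r"^\s*-{1,2}([A-Za-z0-9_]+)=(.*)$")


def find_exposed_flags(dump_text):
    """Return sorted names of sensitive-looking flags whose value is not redacted."""
    exposed = set()
    for line in dump_text.splitlines():
        m = FLAG_LINE.match(line)
        if not m:
            continue
        name, value = m.group(1), m.group(2).strip().strip('"\'')
        if SENSITIVE_NAME.search(name) and value not in REDACTED_VALUES:
            exposed.add(name)
    return sorted(exposed)


def redact(dump_text):
    """Return the dump with sensitive flag values replaced, for safe sharing."""
    def _sub(line):
        m = FLAG_LINE.match(line)
        if m and SENSITIVE_NAME.search(m.group(1)):
            return f"--{m.group(1)}=REDACTED"
        return line
    return "\n".join(_sub(line) for line in dump_text.splitlines())


# Constructed sample: the example_* flag names and all values are made up.
SAMPLE = """\
--rpc_bind_addresses=10.0.0.5:9100
--example_admin_password=hunter2
--example_api_token="abc123"
--example_tls_private_key_path=REDACTED
--max_log_size=256
"""

if __name__ == "__main__":
    print("exposed:", find_exposed_flags(SAMPLE))
    print(redact(SAMPLE))
```

Any flag this reports in a bundle that has already left the cluster should be treated as disclosed and its secret rotated.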

Added: Aug 11, 2025, 1:18 PM
Updated: Aug 11, 2025, 1:18 PM

Vulnerability Rating

Custom Algorithm

spread: 2.6
impact: 2.5
exploitability: 7.0
remediation: 7.7
relevance: 0.3
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.