Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

Support -> System Report exposes credentials in plain text

Description

Generate System Report function exposes credentials in plain text, e.g. Kafka jaas configuration from System Properties, snmpv3 credentials from snmp-config.xml

The System Report function is restricted to ROLE_ADMIN users.

Acceptance / Success Criteria

None

Lucidchart Diagrams

Activity

Show:

Gerald Humphries February 1, 2022 at 3:16 PM
Edited

Issue moved to done too early, reopened to put it into Review.

Gerald Humphries February 1, 2022 at 2:08 PM

Sandy Skipper December 14, 2021 at 4:27 PM

Product management will create an epic.

Jeff Jancula December 9, 2021 at 9:48 PM

Changed to security-moderate because exposure is limited to ROLE_ADMIN. (Otherwise would be -high.)

Jeff Gehlbach December 7, 2021 at 3:14 PM

Scooting security level over to company-only until we can address this in a release.

Fixed

Details

Assignee

Reporter

Labels

HB Grooming Date

HB Backlog Status

FD#

Story Points

Components

Sprint

Fix versions

Affects versions

Priority

PagerDuty

Created December 7, 2021 at 2:16 PM
Updated November 10, 2022 at 7:12 PM
Resolved February 14, 2022 at 3:08 PM