Sensitive Data Disclosure Vulnerability

(CVE-2022-38107)

Summary

Sensitive information could be displayed when a detailed technical error message is posted. This information could disclose environmental details.

Affected Products

SQL Sentry 2021.18.10 and previous versions

Fixed Software Release

SQL Sentry 2022.4

Advisory Details

Severity

4.3 Medium

Advisory ID

First Published

10/18/2022

Last Updated

10/18/2022

Version

SQL Sentry 2022.4

CVSS Score

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:
L/I:N/A:N/MAV:N