2023-10-31
CVE-2023-45865
Environment variable values that are included in configuration are logged as plaintext when log-config-on-start
is enabled in Akka. Such environment variables may contain secrets that should not be revealed.
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C
Overall CVSS Score: 5.4
A person with access to service logs could gain credentials.
Environment variable values from config are not logged.