Werk #6549: Crash reports: Filter out password/_password from HTTP vars of GUI crashes

Komponente User interface
Titel Crash reports: Filter out password/_password from HTTP vars of GUI crashes
Datum 05.09.2018
Checkmk Edition Checkmk Raw (CRE)
Checkmk-Version 1.5.0p4 1.6.0b1
Level Kleine Änderung
Klasse Bugfix
Kompatibilität Kompatibel - benötigt kein manuelles Eingreifen

When a crash occurs during the login procedure where a user entered his password during verification of this password, the crash could contain this password in plain text in the HTTP variable data structure. The vars named password/_password are now explicitly filtered to prevent this.

Zur Liste aller Werks