Delphix

TB084 Leaked Password When Using EBS Plugins, HANA Plugins, or ASE Hooks

Alert Type

Security

Impact

FIPS 199 Severity Level: High

CVSS Score: 8.2

  • Attack Vector (AV): L

  • Attack Complexity (AC): L

  • Privileges Required (PR): L

  • User Interaction (UI): R

  • Scope (S): C

  • Confidentiality (C): H

  • Integrity (I): H

  • Availability (A): H

Delphix logs the environment variables on connected target environments to help with diagnosis. It has now been found that some plugins and hooks pass sensitive information, such as database passwords, in environment variables, so that information ends up in the logs. Custom hooks used with ASE, along with the EBS and HANA data sources, are known to include passwords. Any custom connector might also carry sensitive data in environment variables and could be susceptible to this issue.

Contributing Factors

This article applies to the following versions of the Delphix engine:

Major Release: All Sub Releases

  • 6.0: 6.0.0.0, 6.0.1.0, 6.0.1.1, 6.0.2.0, 6.0.2.1, 6.0.3.0, 6.0.3.1, 6.0.4.0, 6.0.4.1, 6.0.4.2, 6.0.5.0

  • 5.3: 5.3.0.0, 5.3.0.1, 5.3.0.2, 5.3.0.3, 5.3.1.0, 5.3.1.1, 5.3.1.2, 5.3.2.0, 5.3.3.0, 5.3.3.1, 5.3.4.0, 5.3.5.0, 5.3.6.0, 5.3.7.0, 5.3.7.1, 5.3.8.0, 5.3.8.1, 5.3.9.0

  • 5.2: 5.2.1.0, 5.2.2.0, 5.2.2.1, 5.2.3.0, 5.2.3.1, 5.2.4.0, 5.2.5.0, 5.2.5.1, 5.2.6.0, 5.2.6.1, 5.2.6.2

  • 5.1: 5.1.3.1, 5.1.4.0, 5.1.5.0, 5.1.5.1, 5.1.6.0, 5.1.7.0, 5.1.8.0, 5.1.8.1, 5.1.9.0, 5.1.10.0

  • 5.0: 5.0.1.0, 5.0.1.1, 5.0.2.0, 5.0.2.1, 5.0.2.2, 5.0.2.3, 5.0.3.0, 5.0.3.1, 5.0.4.0, 5.0.4.1, 5.0.5.0, 5.0.5.1, 5.0.5.2, 5.0.5.3, 5.0.5.4, 5.0.5.5

Passwords appear in log files when using any of the following functionality in the Delphix Virtualization Engine:

  • Hooks functionality with ASE

  • EBS plugin

  • HANA plugin

Symptoms

Log messages that include passwords taken from environment variables may be present in log files on target hosts, in the /work/Delphix_*_host/log/connector and /tmp/Delphix_*_host/log/connector directories.

Relief/Workaround

  • Upgrade to version 6.0.6.0 of the Delphix Engine.

  • Remove any impacted logs on the target hosts.

  • Delphix highly recommends changing all passwords that may have been exposed.
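
To decide which logs to remove and which passwords to change, the connector log directories named under Symptoms can be scanned for password-like variable names. The script below is an added example, not Delphix code: it assumes the logged variables appear as NAME=value tokens, and the name-fragment list, the function names and the scan.sh file name are hypothetical.

```shell
#!/bin/sh
# Added triage example, not Delphix code.
# Assumption: leaked variables appear in connector logs as NAME=value tokens.
# Typical use on a target host (directories from the Symptoms section):
#   sh scan.sh /work/Delphix_*_host/log/connector /tmp/Delphix_*_host/log/connector

# Variable-name fragments treated as sensitive (assumed list; extend for your hooks).
SENSITIVE='PASS|PWD|SECRET|TOKEN|CRED'

# scan_connector_logs DIR...
# Prints "file<TAB>variable" once per pair. Values are never printed, so the
# triage output does not become a second copy of the secret.
scan_connector_logs() {
    for dir in "$@"; do
        [ -d "$dir" ] || continue      # unmatched glob or missing directory
        find "$dir" -type f -exec awk -v pat="$SENSITIVE" '
            {
                line = $0
                # Walk every NAME= token on the line, left to right.
                while (match(line, /[A-Za-z_][A-Za-z0-9_]*=/)) {
                    name = substr(line, RSTART, RLENGTH - 1)
                    line = substr(line, RSTART + RLENGTH)
                    if (toupper(name) ~ pat && !seen[FILENAME, name]++)
                        printf "%s\t%s\n", FILENAME, name
                }
            }' {} +
    done
}

# write_sample_logs DIR: constructed log lines (not real Delphix output) for a dry run.
write_sample_logs() {
    d="$1/Delphix_demo_host/log/connector"
    mkdir -p "$d" || return 1
    printf '%s\n' 'env: PATH=/usr/bin HANA_PASSWORD=constructed-value HOME=/home/dlpx' \
                  'env: db_pwd=constructed-value db_pwd=constructed-value' > "$d/hook.log"
    printf '%s\n' 'env: PATH=/usr/bin LANG=C' > "$d/clean.log"
}

# Scan only when directories are given on the command line.
if [ "$#" -gt 0 ]; then
    scan_connector_logs "$@"
fi
```

Each file listed is a candidate for removal, and each variable name listed identifies a password to change. Compressed files in these directories, if any, are not unpacked by this scan.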

Resolution

Upon migration or upgrade to the Delphix version 6.0.6.0 release, the target hosts are automatically refreshed in order to prevent this issue from recurring.

If an engine has been impacted by this issue, delete the impacted log files that are on the target hosts.

Additional Information

N/A

Related Documents

N/A