{"vulnerability": "CVE-2023-40354", "sightings": [{"uuid": "3d5a88de-0325-45f4-8a37-84a2561c08d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40354", "type": "seen", "source": "https://t.me/cibsecurity/68455", "content": "\u203c CVE-2023-40354 \u203c\n\nAn issue was discovered in MariaDB MaxScale before 23.02.3. A user enters an encrypted password on a \"maxctrl create service\" command line, but this password is then stored in cleartext in the resulting .cnf file under /var/lib/maxscale/maxscale.cnf.d. The fixed versions are 2.5.28, 6.4.9, 22.08.8, and 23.02.3.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-14T20:19:30.000000Z"}]}