Tejas created CLOUDSTACK-6287:
---------------------------------
Summary: While adding Secondary storage as SMB/CIFS in CS 4.3
Domain controller password appears in plan text in key/pair value.
Key: CLOUDSTACK-6287
URL: https://issues.apache.org/jira/browse/CLOUDSTACK-6287
Project: CloudStack
Issue Type: Bug
Security Level: Public (Anyone can view this level - this is the default.)
Components: Hypervisor Controller, Storage Controller
Affects Versions: 4.3.0
Environment: CentOS 6.3 x64-64, Hyperv hypervisor
Reporter: Tejas
Priority: Critical
While adding Secondary storage as SMB/CIFS in CS 4.3 Domain controller password
appears in plan text in key/pair value.
Logs are as below,
2014-03-27 09:49:47,611 INFO [o.a.c.s.d.l.CloudStackImageStoreLifeCycleImpl]
(catalina-exec-12:ctx-bd85f47b ctx-df8f3444) Trying to add a new data store at
cifs://10.129.151.61/Secondary to data center 1
2014-03-27 09:49:47,977 DEBUG [c.c.a.ApiServlet] (catalina-exec-12:ctx-bd85f47b
ctx-df8f3444) ===END=== 10.129.150.62 -- GET
command=addImageStore&response=json&sessionkey=pjC%2B%2FjnddbFmQI7MtdDgo%2Bf5JmQ%3D&name=Secondary&provider=SMB&zoneid=5e5a7fee-9e4e-47df-86fa-c19da8240e84&url=cifs%3A%2F%2F10.129.151.61%2FSecondary&details%5B0%5D.key=user&details%5B0%5D.value=administrator&details%5B1%5D.key=password&details%5B1%5D.value=C1sco123&details%5B2%5D.key=domain&details%5B2%5D.value=nw.com&_=1395893875835
--
This message was sent by Atlassian JIRA
(v6.2#6252)
