
Brandon
8 years ago

Anyone else seeing clear-text credentials on their EBS volumes?

We're seeing top-level credentials in clear-text under our EBS volumes. I have not noticed this before so I suspect this is due to a recent SaaS controller update. For example: the snmp.community appears hashed out at the top of the page, and appears again at the bottom as "system.mmunity" and the value is in clear text. Other, very sensitive credentials are also displayed. I'm currently number 4 in the queue waiting to speak with a rep about this, but I wanted to see if anyone else is experiencing this.

For obvious reasons, I won't be screenshotting this.  I would urge everyone to check their accounts to see if they are seeing something similar.

  • Sarah_Terry
    Product Manager

    Hi Brandon,

    I'm not able to replicate this in any of our accounts. We obfuscate all credentials ending in .key, .pass, .accesskey, .auth and snmp.[community | privtoken | authtoken]. Can you confirm that the property wasn't just set with an incorrect name - 'snmp.mmunity' wouldn't normally be obfuscated, and shouldn't have been anything that was automatically created by LogicMonitor. We can look into improving how the obfuscation is handled as well, perhaps by enabling users to mark properties as sensitive when they are entered.

    Thanks,

    Sarah

  • This is only showing up on our EBS volumes - nowhere else that I can tell.  Normally there's a drop-down to show us where the property was applied, but in this case, there isn't one.  As of right now, it appears at least 3 credentials are exposed.  This does not appear to be anything done by someone on our end.  I've got a ticket open to have someone investigate.
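
The naming rule from Sarah_Terry's reply, sketched in Python as an added example (not LogicMonitor's code and not part of the thread): it checks which property names fall under the stated endings and flags unmasked names that resemble a masked one, such as the misspelled names mentioned above. The matching details, the function names and the sample property names are assumptions.

```python
import difflib

# Endings taken from the reply above. How the product matches them internally
# (case handling, exact vs. suffix match) is an assumption of this sketch.
MASKED_ENDINGS = (".key", ".pass", ".accesskey", ".auth",
                  "snmp.community", "snmp.privtoken", "snmp.authtoken")
# Final name segments of those endings, used to spot near-miss names.
KEYWORDS = sorted({e.rsplit(".", 1)[-1] for e in MASKED_ENDINGS})

def is_masked(name):
    """True if the name matches one of the stated obfuscation endings."""
    return name.strip().lower().endswith(MASKED_ENDINGS)

def near_miss(name):
    """Return the keyword an unmasked name resembles, or None."""
    if is_masked(name):
        return None
    last = name.strip().lower().rsplit(".", 1)[-1]
    for kw in KEYWORDS:
        if kw in last:                      # e.g. "password" contains "pass"
            return kw
    close = difflib.get_close_matches(last, KEYWORDS, n=1, cutoff=0.8)
    return close[0] if close else None

def audit(property_names):
    """Map each property name to 'masked', 'review (~kw)' or 'plain'."""
    report = {}
    for name in property_names:
        if is_masked(name):
            report[name] = "masked"
        else:
            kw = near_miss(name)
            report[name] = f"review (~{kw})" if kw else "plain"
    return report

# Constructed sample names; only snmp.community and the misspelled
# variants come from the thread, and no values are involved.
SAMPLE = ["snmp.community", "snmp.mmunity", "system.mmunity",
          "aws.accesskey", "db.password", "system.displayname"]

if __name__ == "__main__":
    for name, status in audit(SAMPLE).items():
        print(f"{name:22} {status}")
```

Names reported as "review" are the ones worth renaming to a masked ending or checking by hand, since a rule keyed on the property name cannot protect a value stored under a misspelled name.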