Launchpad.net

CVE 2020-13881

In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog if the DEBUG loglevel and journald are used.

See the CVE page on Mitre.org for more details.