CVE-2020-25640

Medium

A flaw was discovered in WildFly before 21.0.0.Final where, Resource adapter logs plain text JMS password at warning level on connection…

redhat·CWE-209·Published 2020-11-24

CVSS

5.3

EPSS

0.01

KEV

Exploits

cve.orgen

192 chars

A flaw was discovered in WildFly before 21.0.0.Final where, Resource adapter logs plain text JMS password at warning level on connection error, inserting sensitive information in the log file.

NVDen

192 chars

A flaw was discovered in WildFly before 21.0.0.Final where, Resource adapter logs plain text JMS password at warning level on connection error, inserting sensitive information in the log file.

OSV.deven

192 chars

A flaw was discovered in WildFly before 21.0.0.Final where, Resource adapter logs plain text JMS password at warning level on connection error, inserting sensitive information in the log file.

GHSAen

192 chars

A flaw was discovered in WildFly before 21.0.0.Final where, Resource adapter logs plain text JMS password at warning level on connection error, inserting sensitive information in the log file.

NVDes

260 chars

Se detectó un fallo en WildFly versiones anteriores a 21.0.0.Final donde, el adaptador de Recursos registra una contraseña JMS de texto plano en el nivel de advertencia en caso de error de conexión, insertando información confidencial en el archivo de registro

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	3.5	6.8	2.9	AV:N/AC:M/Au:S/C:P/I:N/A:N
3.1	Primary	NVD	5.3	1.6	3.6	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N