CVE-2020-25640

Description

A flaw was discovered in WildFly before 21.0.0.Final where the resource adapter logs the plain-text JMS password at warning level on a connection error, writing sensitive information to the log file.

Risk Information

Base Score: 5.3 (MODERATE)
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Score (Exploitation Probability): 0.354

Associated Vulnerability

Vulnerability | OS Platform
Vulnerabilities CVE-2020-25640 are fixed in RedHat - wildfly-parent 21.0.0 | Windows
Vulnerabilities CVE-2020-25640 are fixed in RedHat - wildfly-parent for Linux 21.0.0 | Linux
