2.1
CVE-2012-0034
- EPSS 0.07%
- Veröffentlicht 05.02.2013 23:55:01
- Zuletzt bearbeitet 11.04.2025 00:51:21
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
LoginThe NonManagedConnectionFactory in JBoss Enterprise Application Platform (EAP) 5.1.2 and 5.2.0, Web Platform (EWP) 5.1.2 and 5.2.0, and BRMS Platform before 5.3.1 logs the username and password in cleartext when an exception is thrown, which allows local users to obtain sensitive information by reading the log file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Redhat ≫ Jboss Enterprise Application Platform Version5.1.2
Redhat ≫ Jboss Enterprise Application Platform Version5.2.0
Redhat ≫ Jboss Enterprise Web Platform Version5.1.2
Redhat ≫ Jboss Enterprise Web Platform Version5.2.0
Redhat ≫ Jboss Enterprise Brms Platform Version <= 5.3.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.187 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.1 | 3.9 | 2.9 |
AV:L/AC:L/Au:N/C:P/I:N/A:N
|