CVE-2014-0058

EPSS 0.06%
Veröffentlicht 26.02.2014 15:55:08
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

The security audit functionality in Red Hat JBoss Enterprise Application Platform (EAP) 6.x before 6.2.1 logs request parameters in plaintext, which might allow local users to obtain passwords by reading the log files.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Redhat ≫ Jboss Enterprise Application Platform Version6.0.0

Redhat ≫ Jboss Enterprise Application Platform Version6.0.1

Redhat ≫ Jboss Enterprise Application Platform Version6.1.0

Redhat ≫ Jboss Enterprise Application Platform Version6.2.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.163

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	1.9	3.4	2.9	AV:L/AC:M/Au:N/C:P/I:N/A:N

http://rhn.redhat.com/errata/RHSA-2015-0034.html

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2014-0204.html

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2014-0205.html

Vendor Advisory

http://www.securityfocus.com/bid/65762

https://nvd.nist.gov/vuln/detail/CVE-2014-0058

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-0058

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-0058

EUVD