Assigner | redhat |
Reserved | 2024-01-31 |
Published | 2024-04-25 |
Updated | 2024-06-04 |
Description
A vulnerability was found in jberet-core logging. An exception in 'dbProperties' might display user credentials such as the username and password for the database-connection.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Product status
0:6.2.2-1.Final_redhat_00001.1.el8eap before *
0:2.1.4-1.Final_redhat_00001.1.el8eap before *
0:6.2.2-1.Final_redhat_00001.1.el9eap before *
0:2.1.4-1.Final_redhat_00001.1.el9eap before *
Timeline
2024-01-31: | Reported to Red Hat. |
2024-01-29: | Made public. |
References
https://access.redhat.com/errata/RHSA-2024:3580 (RHSA-2024:3580)
https://access.redhat.com/errata/RHSA-2024:3581 (RHSA-2024:3581)
https://access.redhat.com/errata/RHSA-2024:3583 (RHSA-2024:3583)
https://access.redhat.com/security/cve/CVE-2024-1102
https://bugzilla.redhat.com/show_bug.cgi?id=2262060 (RHBZ#2262060)
https://github.com/jberet/jsr352/issues/452