← voltar
CVE-2015-1849

CVE-2015-1849

EPSS 1.7%
AdvancedLdapLodinMogule in Red Hat JBoss Enterprise Application Platform (EAP) before 6.4.1 allows attackers to obtain sensitive information via vectors involving logging the LDAP bind credential password when TRACE logging is enabled.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://bugzilla.redhat.com/show_bug.cgi?id=1199641https://bugzilla.redhat.com/show_bug.cgi?id=1208580https://github.com/wildfly-security/jboss-negotiation/commit/0dc9d191b6eb1d13b8f0189c5b02ba6576f4722ehttps://github.com/wildfly-security/jboss-negotiation/pull/21