Lucene search
HistoryFeb 26, 2014 - 3:55 p.m.
CVE-2014-0058
1.9 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
6.1 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
The security audit functionality in Red Hat JBoss Enterprise Application Platform (EAP) 6.x before 6.2.1 logs request parameters in plaintext, which might allow local users to obtain passwords by reading the log files.
Affected configurations
Node
redhatjboss_enterprise_application_platformMatch6.0.0
ORredhatjboss_enterprise_application_platformMatch6.0.1
ORredhatjboss_enterprise_application_platformMatch6.1.0
ORredhatjboss_enterprise_application_platformMatch6.2.0
Related
cve
cve
CVE-2014-0058
2014-02-26 15:55:08
veracode
veracode
Information Disclosure
2019-01-15 08:57:19
prion
prion
Input validation
2014-02-26 15:55:00
nessus
nessus
RHEL 5 / 6 : JBoss EAP (RHSA-2014:0204)
2014-02-25 00:00:00
seebug
seebug
JBoss Enterprise Application Platformζζε―η ζ¬ε°δΏ‘ζ―ζ³ζΌζΌζ΄
2014-02-27 00:00:00
redhat
redhat
cvelist
cvelist
CVE-2014-0058
2014-02-26 15:00:00
1.9 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
6.1 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for NVD:CVE-2014-0058