Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-PJW3-C74J-M9FJ
HistoryMay 24, 2022 - 4:45 p.m.

Password in config file in KIE server

2022-05-2416:45:43
Google
osv.dev
7
kie server
config file
password security
plaintext
java properties
access control

EPSS

0.002

Percentile

61.8%

JSON

It has been reported that KIE server and Busitess Central before version 7.21.0.Final contain username and password as plaintext Java properties. Any app deployed on the same server would have access to these properties, thus granting access to ther services.

Related

cve 1
prion 1
redhatcve 1
cvelist 1
github 1
osv 1
nvd 1
cve
cve
CVE-2016-7043
2019-05-15 16:29:00
prion
prion
Default credentials
2019-05-15 16:29:00
redhatcve
redhatcve
CVE-2016-7043
2019-05-14 21:21:32
cvelist
cvelist
CVE-2016-7043
2019-05-15 15:46:17
github
github
Password in config file in KIE server
2022-05-24 16:45:43
osv
osv
CVE-2016-7043
2019-05-15 16:29:00
nvd
nvd
CVE-2016-7043
2019-05-15 16:29:00

EPSS

0.002

Percentile

61.8%

JSON
Related for OSV:GHSA-PJW3-C74J-M9FJ
cve1prion1redhatcve1cvelist1github1osv1nvd1