org.apache.camel:camel-jbpm (>=2.23.0 <=3.0.0-M2), org.apache.camel:camel-jbpm-starter (>=2.23.0 <=3.0.0-M2) +113 more potentially affected by CVE-2016-7043 via org.kie.server:kie-server-common (>=7.0.0.Beta3 <=7.20.0.Final)

org.kie.server:kie-server-common MAVEN version =7.0.0.Beta3, =2.23.0, =2.23.0, =7.14.0.Final, =7.16.0.Final, =7.10.0.Final, =7.10.0.Final, =7.0.0.Beta3, =7.0.0.Beta3, =7.0.0.Beta3, =7.0.0.Beta3, =7.0.0.Beta3, =7.0.0.Beta3, =7.0.0.Beta5 and more Source cves: CVE-2016-7043 Source advisory:...

CVE-2016-7043

CVE-2016-7043 affects KIE server and Business Central prior to 7.21.0.Final, where username and password are stored as plaintext Java properties accessible to any app deployed on the same server. This represents a local access risk to services due to insecure credential storage. The vulnerability...