4 matches found
Apache Derby exposes user and password attributes
Apache Derby before 10.1.2.1 exposes the 1 user and 2 password attributes in cleartext via a the RDBNAM parameter of the ACCSEC command and b the output of the DatabaseMetaData.getURL function, which allows context-dependent attackers to obtain sensitive information...
GHSA-RP7R-79RM-2758 Apache Derby exposes user and password attributes
Apache Derby before 10.1.2.1 exposes the 1 user and 2 password attributes in cleartext via a the RDBNAM parameter of the ACCSEC command and b the output of the DatabaseMetaData.getURL function, which allows context-dependent attackers to obtain sensitive information...
Information Disclosure
Apache Derby is vulnerable to information disclosure. A context-dependent attacker is able to retrieve the cleartext user and password attributes are exposed via the RDBNAM parameter of the ACCSEC command and the output of the DatabaseMetaData.getURL function...
CVE-2005-4849
Apache Derby before 10.1.2.1 exposes the 1 user and 2 password attributes in cleartext via a the RDBNAM parameter of the ACCSEC command and b the output of the DatabaseMetaData.getURL function, which allows context-dependent attackers to obtain sensitive information...