Red Hat JBoss Enterprise Application Platform 6.x < 6.4.22 Multiple Vulnerabilities

The version of Red Hat JBoss Enterprise Application Platform EAP installed on the remote host is 6.x prior to 6.4.22. It is therefore, affected my multiple vulnerabilities as referenced in the RHSA-2019:1162 advisory: - admin-cli: wildfly-core: Cross-site scripting XSS in JBoss Management Console...

Information Disclosure

jboss-as-web is vulnerable to information disclosure attacks. The vulnerability exists as the security audit functionality in Red Hat JBoss Enterprise Application Platform EAP 6.x before 6.2.1 logs request parameters in plaintext, which might allow local users to obtain passwords by reading the l...

CVE-2014-0058

The security audit functionality in Red Hat JBoss Enterprise Application Platform EAP 6.x before 6.2.1 logs request parameters in plaintext, which might allow local users to obtain passwords by reading the log files...

Input validation

The security audit functionality in Red Hat JBoss Enterprise Application Platform EAP 6.x before 6.2.1 logs request parameters in plaintext, which might allow local users to obtain passwords by reading the log files...