Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Jboss Middleware Security Vulnerabilities - 2023

cve
cve

CVE-2023-4065

A flaw was found in Red Hat AMQ Broker Operator, where it displayed a password defined in ActiveMQArtemisAddress CR, shown in plain text in the Operator Log. This flaw allows an authenticated local attacker to access information outside of their permissions.

5.5CVSS

5.2AI Score

0.0004EPSS

2023-09-27 03:19 PM
93
cve
cve

CVE-2023-4066

A flaw was found in Red Hat's AMQ Broker, which stores certain passwords in a secret security-properties-prop-module, defined in ActivemqArtemisSecurity CR; however, they are shown in plaintext in the StatefulSet details yaml of AMQ Broker.

5.5CVSS

5.4AI Score

0.0004EPSS

2023-09-27 09:15 PM
107
cve
cve

CVE-2023-4853

A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions. This issue could allow an attacker to bypass the security policy altogether, resulting in unauthorized endp...

8.1CVSS

7.5AI Score

0.002EPSS

2023-09-20 10:15 AM
138