Lucene search
Ubuntu.comUB:CVE-2012-0034HistoryFeb 05, 2013 - 12:00 a.m.
CVE-2012-0034
2013-02-0500:00:00
ubuntu.com
ubuntu.com
6
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
9.3%
The NonManagedConnectionFactory in JBoss Enterprise Application Platform
(EAP) 5.1.2 and 5.2.0, Web Platform (EWP) 5.1.2 and 5.2.0, and BRMS
Platform before 5.3.1 logs the username and password in cleartext when an
exception is thrown, which allows local users to obtain sensitive
information by reading the log file.
Bugs
Notes
| Author | Note |
|---|---|
| ebarretto | NOT-FOR-US: JBoss Enterprise Application Platform |
Related
redhat
redhat
(RHSA-2012:0108) Low: jbosscache security update
2012-02-10 00:05:56
(RHSA-2013:0533) Important: JBoss Enterprise SOA Platform 5.3.1 update
2013-02-20 00:00:00
(RHSA-2013:0221) Important: JBoss Enterprise BRMS Platform 5.3.1 update
2013-01-31 00:00:00
prion
prion
Input validation
2013-02-05 23:55:00
cve
cve
CVE-2012-0034
2013-02-05 23:55:00
seebug
seebug
JBoss Cache 'NonManagedConnectionFactory.java'ćŹĺ°äżĄćŻćłé˛ćźć´
2012-01-18 00:00:00
nessus
nessus
RHEL 6 : JBoss EAP (RHSA-2013:0191)
2013-01-24 00:00:00
RHEL 5 : JBoss EAP (RHSA-2013:0192)
2013-01-24 00:00:00
RHEL 6 : JBoss EWP (RHSA-2013:0195)
2014-11-08 00:00:00
veracode
veracode
Information Disclosure
2019-05-02 04:46:19
Privilege Escalation
2019-05-02 04:46:55
Weak Authentication
2019-05-02 04:46:21
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
9.3%
Related for UB:CVE-2012-0034