A vulnerability was found in jberet-core logging. An exception in dbProperties might display user credentials such as the username and password for the database-connection.
Login pages do not use adequate measures to protect the user name and password while they are in transit from the client to the server.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Jberet | Jberet | * | 2.2.1 (excluding) |
| Red Hat JBoss Enterprise Application Platform | RedHat | org.jberet/jberet-core:1.3.9.SP3-redhat-00001 | * |
| Red Hat JBoss Enterprise Application Platform 8 | RedHat | jberet-core | * |
| Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 | RedHat | eap8-hibernate-search-0:6.2.2-1.Final_redhat_00001.1.el8eap | * |
| Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 | RedHat | eap8-jberet-0:2.1.4-1.Final_redhat_00001.1.el8eap | * |
| Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 | RedHat | eap8-hibernate-search-0:6.2.2-1.Final_redhat_00001.1.el9eap | * |
| Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 | RedHat | eap8-jberet-0:2.1.4-1.Final_redhat_00001.1.el9eap | * |