Products
Payara Platform Payara Server
- 6.0.0 - 6.18.0
- 6.2022.1 - 6.2024.9
- 5.20.0 - 5.67.0
- 5.2020.2 - 5.2022.5
- 4.1.2.191.0 - 4.1.2.191.50
Source
769c9ae7-73c3-4e47-ae19-903170fc3eb8
Tags
CVE-2024-8097 details
Published : Sept. 11, 2024, 5:15 p.m.
Last Modified : Sept. 11, 2024, 5:15 p.m.
Last Modified : Sept. 11, 2024, 5:15 p.m.
Description
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Payara Platform Payara Server (Logging modules) allows Sensitive credentials posted in plain-text on the server log.This issue affects Payara Server: from 6.0.0 before 6.18.0, from 6.2022.1 before 6.2024.9, from 5.20.0 before 5.67.0, from 5.2020.2 before 5.2022.5, from 4.1.2.191.0 before 4.1.2.191.50.
CVSS Score
| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
|---|
Weakness
| Weakness | Name | Description |
|---|---|---|
| CWE-200 | Exposure of Sensitive Information to an Unauthorized Actor | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
References
| URL | Source |
|---|---|
| https://docs.payara.fish/community/docs/Release%20Notes/Release%20Notes%206.2024.9.html | 769c9ae7-73c3-4e47-ae19-903170fc3eb8 |
| https://docs.payara.fish/enterprise/docs/Release%20Notes/Release%20Notes%206.18.0.html | 769c9ae7-73c3-4e47-ae19-903170fc3eb8 |
This website uses the NVD API, but is not approved or certified by it.