CVE-2024-8097
Sept. 12, 2024, 12:35 p.m.
Tags
Product(s) Impacted
Payara Platform Payara Server
- 6.0.0 - 6.18.0
- 6.2022.1 - 6.2024.9
- 5.20.0 - 5.67.0
- 5.2020.2 - 5.2022.5
- 4.1.2.191.0 - 4.1.2.191.50
Description
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Payara Platform Payara Server (Logging modules) allows Sensitive credentials posted in plain-text on the server log.This issue affects Payara Server: from 6.0.0 before 6.18.0, from 6.2022.1 before 6.2024.9, from 5.20.0 before 5.67.0, from 5.2020.2 before 5.2022.5, from 4.1.2.191.0 before 4.1.2.191.50.
Weaknesses
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CWE ID: 200Date
Published: Sept. 11, 2024, 5:15 p.m.
Last Modified: Sept. 12, 2024, 12:35 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
769c9ae7-73c3-4e47-ae19-903170fc3eb8