Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2015-1849 - Vulnerability Database
Jboss EAP

Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2015-1849

Medium
Reference: CVE-2015-1849
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2015-1849
Title: Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

AdvancedLdapLodinMogule in Red Hat JBoss Enterprise Application Platform (EAP) before 6.4.1 allows attackers to obtain sensitive information via vectors involving logging the LDAP bind credential password when TRACE logging is enabled.