Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Undertow Insertion of Sensitive Information into Log File Vulnerability - CVE-2019-10212 - Vulnerability Database
Undertow

Undertow Insertion of Sensitive Information into Log File Vulnerability - CVE-2019-10212

Critical
Reference: CVE-2019-10212
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2019-10212
Title: Undertow Insertion of Sensitive Information into Log File Vulnerability
Overview:

A flaw was found in all under 2.0.20 in the Undertow DEBUG log for io.undertow.request.security. If enabled an attacker could abuse this flaw to obtain the user39s credentials from the log files.