Description
A flaw was discovered in WildFly before 21.0.0.Final where, Resource adapter logs plain text JMS password at warning level on connection error, inserting sensitive information in the log file.
Remediation
References
https://bugzilla.redhat.com/show_bug.cgi?id=1881637
https://github.com/amqphub/amqp-10-resource-adapter/issues/13
https://security.netapp.com/advisory/ntap-20201210-0001/
Related Vulnerabilities
CVE-2022-43429 Vulnerability in maven package com.compuware.jenkins:compuware-topaz-for-total-test
CVE-2021-29369 Vulnerability in npm package gnuplot
CVE-2023-49620 Vulnerability in maven package org.apache.dolphinscheduler:dolphinscheduler-api
CVE-2023-52079 Vulnerability in npm package msgpackr
CVE-2019-1003094 Vulnerability in maven package org.jenkins-ci.plugins:open-stf