Description
A flaw was discovered in WildFly before 21.0.0.Final where, Resource adapter logs plain text JMS password at warning level on connection error, inserting sensitive information in the log file.
Remediation
References
https://bugzilla.redhat.com/show_bug.cgi?id=1881637
https://github.com/amqphub/amqp-10-resource-adapter/issues/13
https://security.netapp.com/advisory/ntap-20201210-0001/
Related Vulnerabilities
CVE-2022-27202 Vulnerability in maven package org.jenkins-ci.plugins:extended-choice-parameter
CVE-2021-44521 Vulnerability in maven package org.apache.cassandra:cassandra-all
CVE-2021-21174 Vulnerability in npm package electron
CVE-2023-50719 Vulnerability in maven package org.xwiki.platform:xwiki-platform-search-solr-api
CVE-2022-45395 Vulnerability in maven package com.thalesgroup.jenkins-ci.plugins:cccc