Description
A flaw was discovered in WildFly before 21.0.0.Final where, Resource adapter logs plain text JMS password at warning level on connection error, inserting sensitive information in the log file.
Remediation
References
https://bugzilla.redhat.com/show_bug.cgi?id=1881637
https://github.com/amqphub/amqp-10-resource-adapter/issues/13
https://security.netapp.com/advisory/ntap-20201210-0001/
Related Vulnerabilities
CVE-2023-50772 Vulnerability in maven package com.zintow:dingding-json-pusher
CVE-2023-31206 Vulnerability in maven package org.apache.inlong:manager-service
CVE-2023-28676 Vulnerability in maven package org.jenkins-ci.plugins:convert-to-pipeline
CVE-2017-18640 Vulnerability in maven package org.yaml:snakeyaml