A vulnerability was found in Undertow web server before 2.0.21. An information exposure of plain text credentials through log files because Connectors.executeRootHandler:402 logs the HttpServerExchange object at ERROR level using UndertowLogger.REQUEST_LOGGER.undertowRequestFailed(t, exchange)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HNetapp Active Iq Unified Manager
APPNetappwszystkie wersjeRed Hat Enterprise Linux
OSRedhat7.0Red Hat Jboss Data Grid
APPRedhatwszystkie wersjeRed Hat Openshift Application Runtimes
APPRedhatwszystkie wersjeRed Hat Undertow
APPRedhat< 2.0.21Red Hat Virtualization
APPRedhat4.0Red Hat Virtualization Host
APPRedhat4.0
Related vulnerabilities
Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features u...
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remot...
The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserReso...
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the...