Sensitive Information Exposure in WildFly Resource Adapter Logs

Sensitive Information Exposure in WildFly Resource Adapter Logs

CVE-2020-25640 · MEDIUM Severity

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

A flaw was discovered in WildFly before 21.0.0.Final where, Resource adapter logs plain text JMS password at warning level on connection error, inserting sensitive information in the log file.

Learn more about our Web Application Penetration Testing UK.