A vulnerability was found in Undertow web server prior to 2.0.21. An information exposure of plain text credentials through log files because Connectors.executeRootHandler:402 logs the HttpServerExchange object at ERROR level using UndertowLogger.REQUEST_LOGGER.undertowRequestFailed(t, exchange)
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat undertow |
||
redhat virtualization 4.0 |
||
redhat virtualization_host 4.0 |
||
redhat jboss data grid - |
||
redhat openshift application runtimes - |
||
netapp active iq unified manager - |