A flaw was found in, all under 2.0.20, in the Undertow DEBUG log for io.undertow.request.security. If enabled, an attacker could abuse this flaw to obtain the user's credentials from the log files.
References
Link | Resource |
---|---|
https://access.redhat.com/errata/RHSA-2019:2998 | Vendor Advisory |
https://access.redhat.com/errata/RHSA-2020:0727 | Vendor Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10212 | Issue Tracking Mitigation Vendor Advisory |
https://security.netapp.com/advisory/ntap-20220210-0017/ | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2019-10-02T18:22:08
Updated: 2022-02-10T09:06:38
Reserved: 2019-03-27T00:00:00
Link: CVE-2019-10212
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-10-02T19:15:11.703
Modified: 2022-02-20T06:20:47.690
Link: CVE-2019-10212
JSON object: View
Redhat Information
No data.
CWE