Description
A flaw was discovered in WildFly before 21.0.0.Final where, Resource adapter logs plain text JMS password at warning level on connection error, inserting sensitive information in the log file.
Remediation
References
https://bugzilla.redhat.com/show_bug.cgi?id=1881637
https://github.com/amqphub/amqp-10-resource-adapter/issues/13
https://security.netapp.com/advisory/ntap-20201210-0001/
Related Vulnerabilities
CVE-2021-32809 Vulnerability in maven package org.webjars.bowergithub.ckeditor:ckeditor4
CVE-2022-25893 Vulnerability in npm package vm2
CVE-2021-25646 Vulnerability in maven package org.apache.druid:druid-core
CVE-2018-14041 Vulnerability in maven package org.webjars.bower:bootstrap
CVE-2018-25031 Vulnerability in maven package org.webjars:swagger-ui