Description

AdvancedLdapLodinMogule in Red Hat JBoss Enterprise Application Platform (EAP) before 6.4.1 allows attackers to obtain sensitive information via vectors involving logging the LDAP bind credential password when TRACE logging is enabled.

Remediation

References

CVE-2015-1849

Related Vulnerabilities

Internet Information Services Other Vulnerability (CVE-2006-0026)

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Security Bypass (3.0.30)

WordPress Plugin Calendar Event Multi View Security Bypass (1.4.06)

WordPress Plugin Flog Cross-Site Scripting (0.1)

Liferay DXP Improper Certificate Validation Vulnerability (CVE-2022-42131)

Severity

Medium

Classification

CVE-2015-1849 CWE-200 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities