Description
AdvancedLdapLodinMogule in Red Hat JBoss Enterprise Application Platform (EAP) before 6.4.1 allows attackers to obtain sensitive information via vectors involving logging the LDAP bind credential password when TRACE logging is enabled.
Remediation
References
Related Vulnerabilities
Apache 2.x version equal to 2.0.51
OpenSSL Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-1633)
phpMyFAQ Improper Authentication Vulnerability (CVE-2023-0311)
Oracle Database Server CVE-2006-3703 Vulnerability (CVE-2006-3703)
Dolibarr Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-33816)