Description
A flaw was found in, all under 2.0.20, in the Undertow DEBUG log for io.undertow.request.security. If enabled, an attacker could abuse this flaw to obtain the user's credentials from the log files.
Remediation
References
Related Vulnerabilities
WordPress 2.6.1 Lost Password SQL Column Truncation Unauthorized Access Vulnerability (0.71 - 2.6.1)
Jenkins Server-Side Request Forgery (SSRF) Vulnerability (CVE-2018-1000067)
Oracle Database Server CVE-2014-6541 Vulnerability (CVE-2014-6541)
WordPress Plugin Essential Content Types Security Bypass (1.4)
OpenSSL Improper Input Validation Vulnerability (CVE-2014-3567)