CVE-2024-1102

Опубликовано: 25 апр. 2024

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

A vulnerability was found in jberet-core logging. An exception in 'dbProperties' might display user credentials such as the username and password for the database-connection.

Ссылки

https://access.redhat.com/errata/RHSA-2024:1677
https://access.redhat.com/errata/RHSA-2024:3580
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:3581
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:3583
Third Party Advisory
https://access.redhat.com/security/cve/CVE-2024-1102
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2262060
Issue Tracking
Third Party Advisory
https://github.com/jberet/jsr352/issues/452
Exploit
Issue Tracking
https://access.redhat.com/errata/RHSA-2024:3580
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:3581
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:3583
Third Party Advisory
https://access.redhat.com/security/cve/CVE-2024-1102
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2262060
Issue Tracking
Third Party Advisory
https://github.com/jberet/jsr352/issues/452
Exploit
Issue Tracking

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:jberet:jberet:*:*:*:*:*:*:*:*

Версия до 2.2.1 (исключая)

Конфигурация 2

Одно из

cpe:2.3:a:redhat:jboss_enterprise_application_platform:-:*:*:*:text-only:*:*:*

cpe:2.3:a:redhat:jboss_enterprise_application_platform:8.0:*:*:*:*:*:*:*

EPSS

Процентиль: 36%

0.0015

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-523

CWE-200

Связанные уязвимости

CVE-2024-1102

CVSS3: 6.5

redhat

около 2 лет назад

A vulnerability was found in jberet-core logging. An exception in 'dbProperties' might display user credentials such as the username and password for the database-connection.

GHSA-9wmf-xf3h-r8pr

CVSS3: 6.5

github

почти 2 года назад

Jberet: jberet-core logging database credentials

EPSS

Процентиль: 36%

0.0015

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-523

CWE-200