CVE-2020-25640

2020-11-2419:15:10

Google

osv.dev

6.3 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

42.5%

JSON

A flaw was discovered in WildFly before 21.0.0.Final where, Resource adapter logs plain text JMS password at warning level on connection error, inserting sensitive information in the log file.

CPENameOperatorVersion
wildflyeq8.0.0.CR1
wildflyeq10.0.0.Alpha4
wildflyeq17.0.0.Alpha1
wildflyeq10.0.0.Final
wildflyeq7.0.0.Final
wildflyeq7.1.0.Final-prerelease2
wildflyeq8.0.0.Alpha2
wildflyeq14.0.0.Beta1
wildflyeq7.0.0.Beta2-prerelease
wildflyeq17.0.0.Beta1

Name	Operator	Version
wildfly	eq	8.0.0.CR1
wildfly	eq	10.0.0.Alpha4
wildfly	eq	17.0.0.Alpha1
wildfly	eq	10.0.0.Final
wildfly	eq	7.0.0.Final
wildfly	eq	7.1.0.Final-prerelease2
wildfly	eq	8.0.0.Alpha2
wildfly	eq	14.0.0.Beta1
wildfly	eq	7.0.0.Beta2-prerelease
wildfly	eq	17.0.0.Beta1