0.003 Low
EPSS
Percentile
68.4%
A flaw was found in the Undertow DEBUG log for io.undertow.request.security. If enabled, an attacker could abuse this flaw to obtain the user’s credentials from the log files.
Use Elytron instead of legacy Security subsystem.
bugzilla.redhat.com/show_bug.cgi?id=1731984
nvd.nist.gov/vuln/detail/CVE-2019-10212
www.cve.org/CVERecord?id=CVE-2019-10212