CVE-2015-1849
N/A
N/A
Summary
AdvancedLdapLodinMogule in Red Hat JBoss Enterprise Application Platform (EAP) before 6.4.1 allows attackers to obtain sensitive information via vectors involving logging the LDAP bind credential password when TRACE logging is enabled.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/wildfly-security/jboss-negotiation/pull/21
- https://bugzilla.redhat.com/show_bug.cgi?id=1208580
- https://github.com/wildfly-security/jboss-negotiation/commit/0dc9d191b6eb1d13b8f0189c5b02ba6576f4722e
- https://bugzilla.redhat.com/show_bug.cgi?id=1199641
References
- https://github.com/wildfly-security/jboss-negotiation/pull/21
- https://bugzilla.redhat.com/show_bug.cgi?id=1208580
- https://github.com/wildfly-security/jboss-negotiation/commit/0dc9d191b6eb1d13b8f0189c5b02ba6576f4722e
- https://bugzilla.redhat.com/show_bug.cgi?id=1199641
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.