CVE-2015-1849

Published: Sep 19, 2017

Modified: Aug 6, 2024

PUBLISHED

Description

AdvancedLdapLodinMogule in Red Hat JBoss Enterprise Application Platform (EAP) before 6.4.1 allows attackers to obtain sensitive information via vectors involving logging the LDAP bind credential password when TRACE logging is enabled.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/wildfly-security/jboss-negotiation/pull/21

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=1208580

x_refsource_CONFIRM

https://github.com/wildfly-security/jboss-negotiation/commit/0dc9d191b6eb1d13b8f0189c5b02ba6576f4722e

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=1199641

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2015-1849

Description

Affected Products

References