Security Advisory

CVE-2014-0085

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2014-04-17 14:00:00

Last updated 2024-08-06 09:05:38

Assigner redhat

State PUBLISHED

Description

JBoss Fuse did not enable encrypted passwords by default in its usage of Apache Zookeeper. This permitted sensitive information disclosure via logging to local users. Note: this description has been updated; previous text mistakenly identified the source of the flaw as Zookeeper. Previous text: Apache Zookeeper logs cleartext admin passwords, which allows local users to obtain sensitive information by reading the log.

← Browse all CVEs View on cve.org ↗