Security Advisory

CVE-2019-3888

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-06-12 13:45:20

Last updated 2024-08-04 19:19:18

Assigner redhat

State PUBLISHED

Description

A vulnerability was found in Undertow web server before 2.0.21. An information exposure of plain text credentials through log files because Connectors.executeRootHandler:402 logs the HttpServerExchange object at ERROR level using UndertowLogger.REQUEST_LOGGER.undertowRequestFailed(t, exchange)

← Browse all CVEs View on cve.org ↗