redhat jboss-data-grid CVE-2019-10212 in Red Hat and NetApp Products
Published on October 2, 2019

product logo product logo
A flaw was found in, all under 2.0.20, in the Undertow DEBUG log for io.undertow.request.security. If enabled, an attacker could abuse this flaw to obtain the user's credentials from the log files.

Vendor Advisory Vendor Advisory NVD

Weakness Type

Insertion of Sensitive Information into Log File

Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.


Products Associated with CVE-2019-10212

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2019-10212 are published in these products:

Red Hat Jboss Data Grid
 
Red Hat Jboss Fuse
 
Red Hat Single Sign On
 
Red Hat Undertow
 
Red Hat Jboss Enterprise Application Platform
 
Red Hat Openshift Application Runtimes
 
NetApp Active Iq Unified Manager
 

Affected Versions

RedHat undertow Version all under 2.0.20 is affected by CVE-2019-10212

Exploit Probability

EPSS
0.29%
Percentile
52.04%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.