VDB
RHSA-2014%3A0205
RHSA-2014%3A0205
PUBLISHED
CVSS 1.899999976158142 LOW
It was found that the security audit functionality logged request parameters in plain text. This may have caused passwords to be included in the audit log files when using BASIC or FORM-based authentication. A local attacker with access to audit log files could possibly use this flaw to obtain application or server authentication credentials.
Risk Scores
CVSS 2.0
1.899999976158142
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | Red Hat JBoss Enterprise Application Platform 6.2 |
Timeline
- Feb 24, 2014 CVE Published
- Apr 29, 2026 Distribution Patch
- Apr 29, 2026 Distribution Patch
- Apr 29, 2026 Security Advisory
- Apr 29, 2026 Security Advisory
- May 14, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2014:0205 advisory
- https://access.redhat.com/security/updates/classification/#low advisory
- https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=6.2.0 advisory
- https://access.redhat.com/site/solutions/625683 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1063641 issue
- https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0205.json advisory
- https://access.redhat.com/security/cve/CVE-2014-0058 advisory
- https://www.cve.org/CVERecord?id=CVE-2014-0058 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2014-0058 advisory