VDB
RHSA-2014%3A0895
RHSA-2014%3A0895
PUBLISHED
CVSS 1.899999976158142 LOW
It was found that the security audit functionality logged request parameters in plain text. This may have caused passwords to be included in the audit log files when using BASIC or FORM-based authentication. A local attacker with access to audit log files could possibly use this flaw to obtain application or server authentication credentials.
Risk Scores
CVSS 2.0
1.899999976158142
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | Red Hat JBoss Data Grid 6.3 |
Exploit Intelligence
- cve_db.json (github-poc)
Timeline
- Jul 16, 2014 CVE Published
- Apr 29, 2026 Distribution Patch
- Apr 29, 2026 Distribution Patch
- Apr 29, 2026 Security Advisory
- Apr 29, 2026 Security Advisory
- Apr 29, 2026 Security Advisory
- Apr 29, 2026 Security Advisory
- Apr 29, 2026 Security Advisory
- Apr 29, 2026 Security Advisory
- Apr 29, 2026 Security Advisory
- Apr 29, 2026 Security Advisory
- May 14, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2014:0895 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=data.grid&downloadType=distributions advisory
- https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Data_Grid/ advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1063641 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1063642 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1072776 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1088342 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1102030 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1102038 issue
- https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0895.json advisory
- https://access.redhat.com/security/cve/CVE-2014-0058 advisory
- https://www.cve.org/CVERecord?id=CVE-2014-0058 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2014-0058 advisory
- https://access.redhat.com/security/cve/CVE-2014-0059 advisory
- https://www.cve.org/CVERecord?id=CVE-2014-0059 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2014-0059 advisory
- https://access.redhat.com/security/cve/CVE-2014-0075 advisory
- https://www.cve.org/CVERecord?id=CVE-2014-0075 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2014-0075 advisory
…and 13 more