CVE-2009-3554

NONECVSS 0.0

0.0

Twiddle in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 writes the JMX password, and other command-line arguments, to the twiddle.log file, which allows local users to obtain sensitive information by reading this file.

🔗 References (24)

secalert@redhathttp://secunia.com/advisories/37671
secalert@redhathttp://securitytracker.com/id?1023316
secalert@redhathttp://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/4.2.0.cp08/html-single/Release_Notes/index.html
secalert@redhathttp://www.securityfocus.com/bid/37276
secalert@redhathttps://bugzilla.redhat.com/show_bug.cgi?id=532111
secalert@redhathttps://bugzilla.redhat.com/show_bug.cgi?id=539495
secalert@redhathttps://exchange.xforce.ibmcloud.com/vulnerabilities/54702
secalert@redhathttps://jira.jboss.org/jira/browse/JBPAPP-2872
secalert@redhathttps://rhn.redhat.com/errata/RHSA-2009-1636.html
secalert@redhathttps://rhn.redhat.com/errata/RHSA-2009-1637.html
secalert@redhathttps://rhn.redhat.com/errata/RHSA-2009-1649.html
secalert@redhathttps://rhn.redhat.com/errata/RHSA-2009-1650.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37671
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1023316
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/4.2.0.cp08/html-single/Release_Notes/index.html

Is Your Infrastructure Affected by CVE-2009-3554?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2009-3554

📅 Published

🔄 Last Modified

🔗 References (24)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2009-3554?