CVE-2019-14886
published 2020-03-05CVE-2019-14886: A vulnerability was found in business-central, as shipped in rhdm-7.5.1 and rhpam-7.5.1, where encoded passwords are stored in errai_security_context. The…
medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
A vulnerability was found in business-central, as shipped in rhdm-7.5.1 and rhpam-7.5.1, where encoded passwords are stored in errai_security_context. The encoding used for storing the passwords is Base64, not an encryption algorithm, and any recovery of these passwords could lead to user passwords being exposed.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| red_hat | business-central | — | — |
| redhat | decision_manager | — | — |
| redhat | process_automation_manager | — | — |