QSearchQSearch

CVE-2021-3425

4.4 MEDIUM

A flaw was found in the AMQ Broker that discloses JDBC encrypted usernames and passwords when provided in the AMQ Broker application logf...

Published: 2021-06-01 · Last updated: 2026-06-17

Severity and scoring

CVSS
4.4 MEDIUM
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
CWE
CWE-532

Affected products

VendorProduct
redhatjboss_a-mq

Description

A flaw was found in the AMQ Broker that discloses JDBC encrypted usernames and passwords when provided in the AMQ Broker application logfile when using the jdbc persistence functionality. Versions shipped in Red Hat AMQ 7 are vulnerable.

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2026-1767 A flaw was found in the GNOME localsearch (previously known as tracker-miners) MP3 Extractor `tracker-extract-mp3` component (5.6 MEDIUM)
  • CVE-2026-1766 A flaw was found in GNOME localsearch (previously known as tracker-miners) MP3 Extractor, specifically within the tracker-extract-mp3 com... (5.6 MEDIUM)
  • CVE-2026-11793 A stack buffer overflow flaw was found in 389 Directory Server (4.9 MEDIUM)
  • CVE-2026-11790 A flaw was found in 389 Directory Server (4.9 MEDIUM)
  • CVE-2026-11789 A flaw was found in 389 Directory Server (4.9 MEDIUM)

Same CWE

  • CVE-2025-46313 A logging issue was addressed with improved data redaction (5.5 MEDIUM)
  • CVE-2026-0267 An information exposure vulnerability in the Palo Alto Networks GlobalProtect app on macOS enables a local user to learn the configured p...
  • CVE-2026-9751 The ldapQueryPassword parameter, when set through the runtime setParameter command, will log the new password to the mongod.log file in p... (5.5 MEDIUM)
  • CVE-2026-9735 MongoDB server may log authentication parameters, including credentials, to the server log during SASL authentication (5.5 MEDIUM)
  • CVE-2026-45581 fabric-chaincode-java is a Java based implementation of Hyperledger Fabric chaincode shim APIs (5.5 MEDIUM)