-
CVSS Score
-Basic Information
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AI| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| org.infinispan:infinispan-parent | maven | <= 15.1.4.Final |
Miggo AIRoot Cause AnalysisThe vulnerability occurs when sensitive JDBC_PING configuration details (credentials) are exposed via logging. This typically happens in two scenarios: 1) Direct logging in JGroups' JDBC_PING protocol during connection errors (e.g., unresolved external_addr), and 2) Infinispan's JGroups transport layer logging the full configuration during initialization. Both scenarios align with the described vulnerability pattern of exposing credentials through misconfiguration logging. Confidence is medium due to lack of direct code references, but matches the described attack vector and JGroups/Infinispan architecture.