Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Teiid Java Database Connectivity (JDBC) socket, as used in JBoss Enterprise Data Services Platform before 5.3.0, does not encrypt login messages by default contrary to documentation and specification, which allows remote attackers to obtain login credentials via a man-in-the-middle (MITM) attack.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Teiid JDBC Man 信息泄露漏洞
Vulnerability Description
JBoss Enterprise Data Services Platform 5.3.0之前的版本中的Teiid Java Database Connectivity (JDBC)套接字存在漏洞,该漏洞源于程序没有使用默认相反设置对文档与规范的登录信息进行加密。远程攻击者利用该漏洞通过中间人攻击获得登录凭证。
CVSS Information
N/A
Vulnerability Type
N/A