What is CVE-2016-7043?

CVE-2016-7043 is a medium-severity vulnerability in Kie Kie-server, classified under CWE-260. CVSS score: 5.9/10. Published 2019-05-15.

How severe is CVE-2016-7043?

Medium severity. CVSS v3 base score is 5.9 out of 10.

Vulnerability in Kie Kie-server

CVE-2016-7043

It has been reported that KIE server and Busitess Central before version 7.21.0.Final contain username and password as plaintext Java properties. Any app deployed on the same server would have access to these properties, thus granting acce…

EPSS: 0.002 (45.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.9 (Medium). Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N.

Affected products

Kie Kie-server — versions affects < 7.21.0.Final

Weakness classification (CWE)

CWE-260

References

bugzilla.redhat.com/show_bug.cgi (x_refsource_CONFIRM)
github.com/kiegroup/droolsjbpm-integration/pull/1273 (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2016-7043?: CVE-2016-7043 is a medium-severity vulnerability in Kie Kie-server, classified under CWE-260. CVSS score: 5.9/10. Published 2019-05-15.
How severe is CVE-2016-7043?: Medium severity. CVSS v3 base score is 5.9 out of 10.