Information disclosure in Payara Platform Server
CVE-2024-8097
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Payara Platform Payara Server (Logging modules) allows Sensitive credentials posted in plain-text on the server log.This issue affects Payara Server: from 6.0.0 be…
Vulnerability class: Information Disclosure
EPSS: 0.002 (8.6th percentile) — read the EPSS interpretation.
Affected products
- Payara Platform Server — versions 6.0.0, 6.2022.1, 5.20.0
Weakness classification (CWE)
Public proof-of-concept exploits
References
- 769c9ae7-73c3-4e47-ae19-903170fc3eb8 (release-notes)
- 769c9ae7-73c3-4e47-ae19-903170fc3eb8 (release-notes)
Frequently asked questions
- What is CVE-2024-8097?
- CVE-2024-8097 is a vulnerability in Payara Platform Server, classified under Information Disclosure. Published 2024-09-11.
- Is CVE-2024-8097 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.