A vulnerability was found in business-central, as shipped in rhdm-7.5.1 and rhpam-7.5.1, where encoded passwords are stored in errai_security_context. The encoding used for storing the passwords is Base64, not an encryption algorithm, and any recovery of these passwords could lead to user passwords being exposed.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2020-03-05T00:00:00

Updated: 2024-08-05T00:26:39.178Z

Reserved: 2019-08-10T00:00:00

Link: CVE-2019-14886

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-03-05T18:15:14.447

Modified: 2024-11-21T04:27:36.727

Link: CVE-2019-14886

cve-icon Redhat

Severity : Moderate

Publid Date: 2019-09-23T00:00:00Z

Links: CVE-2019-14886 - Bugzilla