CVE-2025-0736 Information

Description

A flaw was found in Infinispan when using JGroups with JDBC_PING. This issue occurs when an application inadvertently exposes sensitive information such as configuration details or credentials through logging mechanisms. This exposure can lead to unauthorized access and exploitation by malicious actors.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Reference

https://access.redhat.com/security/cve/CVE-2025-0736 https://bugzilla.redhat.com/show_bug.cgi?id=2342233

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

5.5