Cleartext Exposure in Apache Derby by Apache Software Foundation
CVE-2005-4849

Currently unrated

Key Information:

Vendor

Apache
Status
Derby
Vendor
CVE Published:
31 December 2005

What is CVE-2005-4849?

Apache Derby prior to version 10.1.2.1 exposes sensitive user credentials in cleartext through specific commands and functions. Attackers can exploit this vulnerability via the RDBNAM parameter of the ACCSEC command and through the DatabaseMetaData.getURL function output, potentially leading to unauthorized access to sensitive data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://issues.apache.org/jira/browse/DERBY-559
x_refsource_CONFIRM
http://issues.apache.org/jira/browse/DERBY-530
x_refsource_CONFIRM
http://db.apache.org/derby/releases/release-10.1.2.1.html
x_refsource_CONFIRM

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.