PayaraMicro microprofile-config.properties Information Leakage Vulnerability CVE-2021-41381
PayaraMicro microprofile-config.properties Information Leakage Vulnerability CVE-2021-41381
PayaraMicro microprofile-config.properties Information Leakage Vulnerability CVE-2021-41381
Vulnerability Description
If the PayaraMicro microprofile-config.properties file is configured incorrectly, it can be read by any user to obtain sensitive information.
Vulnerability Impact
Payara Micro Community 5.2021.6
Network surveying and mapping
app=”Payara-Micro”
Vulnerability reappears
Product Page
Verify POC
1
/.//WEB-INF/classes/META-INF/microprofile-config.properties
This post is licensed under CC BY 4.0 by the author.