CVE-2016-7043

Name of the Vulnerable Software and Affected Versions KIE server and Business Central versions prior to 7.21.0.Final

Description A security issue has been reported where username and password are stored as plaintext Java properties. This allows any application deployed on the same server to access these properties, potentially granting access to other services.

Recommendations For versions prior to 7.21.0.Final, update to version 7.21.0.Final or later to resolve the issue. As a temporary workaround, consider restricting access to the server to minimize the risk of exploitation. Avoid using plaintext storage for sensitive information like username and password until the issue is resolved.