PT-2024-39724 · Unknown · Quarkus CXF

Rolf Thorup · Published 2024-10-08 · Updated 2024-12-06 · CVE-2024-9621

CVSS v4.0: 6.0 (Medium)

Vector: AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions

Quarkus CXF (affected versions not specified)

Description

A vulnerability was found in Quarkus CXF where passwords and other secrets may appear in the application log even though the user configured them to be hidden. The issue only arises under a specific configuration, such as SOAP logging enabled together with application-set client and endpoint logging properties. To exploit it, the attacker must have access to the application log.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Insertion into Log File

Related Identifiers

CVE-2024-9621
GHSA-JQH2-CH7P-XWXH

Affected Products

Quarkus CXF