Medium severityNVD Advisory· Published Sep 11, 2024· Updated Apr 15, 2026

CVE-2024-8097

Description

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Payara Platform Payara Server (Logging modules) allows Sensitive credentials posted in plain-text on the server log.This issue affects Payara Server: from 6.0.0 before 6.18.0, from 6.2022.1 before 6.2024.9, from 5.20.0 before 5.67.0, from 5.2020.2 before 5.2022.5, from 4.1.2.191.0 before 4.1.2.191.50.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

docs.payara.fish/community/docs/Release%20Notes/Release%20Notes%206.2024.9.htmlnvd
docs.payara.fish/enterprise/docs/Release%20Notes/Release%20Notes%206.18.0.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.260
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000