CVE-2025-0736

medium

Description

A flaw was found in Infinispan, when using JGroups with JDBC_PING. This issue occurs when an application inadvertently exposes sensitive information, such as configuration details or credentials, through logging mechanisms. This exposure can lead to unauthorized access and exploitation by malicious actors.

References

https://bugzilla.redhat.com/show_bug.cgi?id=2342233

https://access.redhat.com/security/cve/CVE-2025-0736

https://access.redhat.com/errata/RHSA-2025:2663

Details

Source: Mitre, NVD

Published: 2025-01-28

Updated: 2026-04-15

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Severity: Medium

EPSS

EPSS: 0.00016