{"cve":{"cve_id":"CVE-2019-14885","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00742,"epss_percentile":0.49846,"epss_as_of":"2026-06-23","description":"A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property's security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI 'reload' command. This flaw can lead to the exposure of confidential information.","published_at":"2020-01-23T00:00:00Z","last_modified_at":null,"cvss_v3_score":5.4,"cvss_v3_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","cvss_v3_severity":"MEDIUM","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":["CWE-532"],"nvd_references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14885"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:12:12.571806Z"},"effective_severity":"MEDIUM","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.0","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"L","value_label":"Low"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"L","value_label":"Low"},{"metric":"I","name":"Integrity","value":"L","value_label":"Low"},{"metric":"A","name":"Availability","value":"N","value_label":"None"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"red-hat","vendor_name":"Red Hat","product_slug":"jboss-eap","product_name":"JBoss EAP","version_start":"All versions before 7.2.6.GA","version_start_inclusive":true,"version_end":"All versions before 7.2.6.GA","version_end_inclusive":true,"cpe23_uri":"cve5:red-hat:jboss-eap:All versions before 7.2.6.GA:All versions before 7.2.6.GA"}],"exploit_refs":[],"news":[],"references":[{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14885","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2020-01-23T00:00:00Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T16:59:49.989342Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T16:59:49.989342Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T16:59:49.989342Z","label":"CVSS score revised","source":"cvelistv5"}]}