A flaw was found in Infinispan CLI. A sensitive password, decoded from a Base64-encoded Kubernetes secret, is processed in plaintext and included in a command string that may expose the data in an error message when a command is not found.
CVE ID: CVE-2025-5731
Vendor: Red Hat
Product: Red Hat Data Grid 8, Red Hat JBoss Enterprise Application Platform 7, Red Hat JBoss Enterprise Application Platform 8, Red Hat JBoss Enterprise Application Platform Expansion Pack
EPSS Score: 0.02% (probability of being exploited)
EPSS Percentile: 1.83% (scored less or equal to compared to others)
EPSS Date: 2025-07-15 (when was this score calculated)