If you execute the resetUsers operation, the new password is stored in plain text in the etc/artemis-users.properties file.
Name: Justin Bertram (Reporter)
When resetting a user an alternative is to use the broker instance CLI `/bin/artemis user reset` which is not affected by the flaw
This issue has been addressed in the following products:
Red Hat AMQ
Via RHSA-2020:2751 https://access.redhat.com/errata/RHSA-2020:2751
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):