Description

A flaw was found in wildfly. The JBoss EJB client has publicly accessible privileged actions which may lead to information disclosure on the server it is deployed on. The highest threat from this vulnerability is to data confidentiality.

Remediation

References

https://bugzilla.redhat.com/show_bug.cgi?id=1929479

Related Vulnerabilities

CVE-2021-40690 Vulnerability in maven package org.apache.santuario:xmlsec

CVE-2023-26476 Vulnerability in maven package org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki

CVE-2023-46242 Vulnerability in maven package org.xwiki.platform:xwiki-platform-oldcore

CVE-2018-1067 Vulnerability in maven package io.undertow:undertow-core

CVE-2021-43090 Vulnerability in maven package com.predic8:soa-model-parent

Severity

Medium

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Tags

Issue Tracking Vendor Advisory