Lucene search
PRIOn knowledge basePRION:CVE-2020-14299HistoryOct 16, 2020 - 2:15 p.m.
Authentication flaw
2020-10-1614:15:00
PRIOn knowledge base
www.prio-n.com
8
A flaw was found in JBoss EAP, where the authentication configuration is set-up using a legacy SecurityRealm, to delegate to a legacy PicketBox SecurityDomain, and then reloaded to admin-only mode. This flaw allows an attacker to perform a complete authentication bypass by using an arbitrary user and password. The highest threat to vulnerability is to system availability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jboss_enterprise_application_platform | lt | 5.0.3 | |
| single_sign-on | eq | 7.0 |
Related
redhatcve
redhatcve
CVE-2020-14299
2020-10-13 20:16:26
cve
cve
CVE-2020-14299
2020-10-16 14:15:11
veracode
veracode
Authentication Bypass
2020-10-14 04:33:01
nvd
nvd
CVE-2020-14299
2020-10-16 14:15:11
cvelist
cvelist
CVE-2020-14299
2020-10-16 13:10:43
nessus
nessus
redhat
redhat