Veracode Vulnerability DatabaseVERACODE:21706Authorization Bypass
0.002 Low
EPSS
Percentile
60.2%
wildfly-core is vulnerable to authorization bypass. The vulnerability exists as incorrect privileges for ‘Monitor’, ‘Auditor’ and ‘Deployer’ user were given by default.
References
access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/
access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/
access.redhat.com/errata/RHSA-2019:3082
access.redhat.com/errata/RHSA-2019:3083
access.redhat.com/errata/RHSA-2019:4018
access.redhat.com/errata/RHSA-2019:4019
access.redhat.com/errata/RHSA-2019:4020
access.redhat.com/errata/RHSA-2019:4021
access.redhat.com/errata/RHSA-2019:4040
access.redhat.com/errata/RHSA-2019:4041
access.redhat.com/errata/RHSA-2019:4042
access.redhat.com/errata/RHSA-2019:4045
access.redhat.com/errata/RHSA-2020:0728
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14838
Related
