Lucene search

CVE-2020-10714

🗓️ 23 Sep 2020 13:15:15Reported by redhatType

A flaw in WildFly Elytron FORM authentication allows session fixation

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 35
Cvelist	CVE-2020-10714	23 Sep 202012:28	–	cvelist
Github Security Blog	Session Fixation in WildFly Elytron	15 Feb 202201:39	–	github
OSV	Session Fixation in WildFly Elytron	15 Feb 202201:39	–	osv
OSV	CVE-2020-10714	23 Sep 202013:15	–	osv
OSV	RHSA-2020:3463 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.2 security update	16 Sep 202404:09	–	osv
OSV	RHSA-2020:3461 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.2 security update	16 Sep 202404:09	–	osv
OSV	RHSA-2020:3462 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.2 security update	16 Sep 202404:09	–	osv
OSV	RHSA-2020:3638 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.9 on RHEL 7 security update	16 Sep 202404:10	–	osv
OSV	RHSA-2020:3639 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.9 on RHEL 8 security update	16 Sep 202404:10	–	osv
OSV	RHSA-2020:3637 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.9 on RHEL 6 security update	16 Sep 202404:10	–	osv

Nvd

Vulners

Node

redhat wildfly_elytronRange<1.11.3

Node

redhat codeready_studioMatch12.0

redhat descision_managerMatch7.0

redhat jboss_fuseMatch7.0.0

redhat process_automationMatch7.0

Node

netapp oncommand_insightMatch-

[
  {
    "product": "wildfly-elytron",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "wildfly-elytron 1.10.7.Final"
      }
    ]
  }
]

Source	Link
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
security	www.security.netapp.com/advisory/ntap-20201223-0002/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

23 Sep 2020 13:15Current

7.3High risk

Vulners AI Score7.3

CVSS25.1

CVSS37.5

EPSS0.00366

CWE-384