2 matches found
org.wildfly:wildfly-microprofile-metrics-smallrye (>=22.0.0.Beta1 <=23.0.0.Final) potentially affected by CVE-2021-3503 via org.wildfly:wildfly-metrics (>=22.0.0.Beta1 <=23.0.0.Final)
org.wildfly:wildfly-metrics MAVEN version =22.0.0.Beta1, =22.0.0.Beta1, =23.0.0.Final Source cves: CVE-2021-3503 Source advisory: OSV:GHSA-C4R5-XVGW-2942...
CVE-2021-3503
This CVE (CVE-2021-3503) concerns WildFly where insufficient RBAC restrictions may allow exposure of metrics data, affecting confidentiality. Affected software is WildFly; the root cause is RBAC misconfiguration that enables unauthorized access to metrics. Publicly documented impacts indicate pot...