Lucene search
+L

7 matches found

veracode
veracode
added 2023/11/09 7:59 a.m.21 views

Information Disclosure

org.wildfly.core: wildfly-controller is vulnerable to Information Disclosure. The vulnerability is caused by a missing authorization check in the resolve-expression HAL interface while reading a system property or environment variables. This can lead to a malicious user accessing the Wildfly syst...

6.5CVSS6.8AI score0.00834EPSS
Exploits0References9Affected Software1
osv
osv
added 2023/11/08 1:15 a.m.8 views

CVE-2023-4061

A flaw was found in wildfly-core. A management user could use the resolve-expression in the HAL Interface to read possible sensitive information from the Wildfly system. This issue could allow a malicious user to access the system and obtain possible sensitive information from the system...

6.5CVSS5.7AI score0.00834EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2023/11/08 12:0 a.m.5 views

PT-2023-27539 · Unknown · Wildfly-Core

Name of the Vulnerable Software and Affected Versions: Wildfly-core affected versions not specified Description: A flaw in wildfly-core allows a management user to use the resolve-expression in the HAL Interface to read possible sensitive information from the Wildfly system. This could enable a...

6.5CVSS6AI score0.00834EPSS
Exploits0References12
redhat
redhat
added 2023/10/06 7:21 a.m.4 views

wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor

A flaw was found in wildfly-core. A management user could use the resolve-expression in the HAL Interface to read possible sensitive information from the Wildfly system. This issue could allow a malicious user to access the system and obtain possible sensitive information from the system...

6.5CVSS5.7AI score0.00834EPSS
Exploits0References4
redhat
redhat
added 2023/10/05 8:23 p.m.3 views

wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor

A flaw was found in wildfly-core. A management user could use the resolve-expression in the HAL Interface to read possible sensitive information from the Wildfly system. This issue could allow a malicious user to access the system and obtain possible sensitive information from the system...

6.5CVSS5.7AI score0.00834EPSS
Exploits0References4
redhat
redhat
added 2023/10/05 8:18 p.m.4 views

wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor

A flaw was found in wildfly-core. A management user could use the resolve-expression in the HAL Interface to read possible sensitive information from the Wildfly system. This issue could allow a malicious user to access the system and obtain possible sensitive information from the system...

6.5CVSS5.7AI score0.00834EPSS
Exploits0References4
redhatcve
redhatcve
added 2023/10/05 4:54 p.m.56 views

CVE-2023-4061

A flaw was found in wildfly-core. A management user could use the resolve-expression in the HAL Interface to read possible sensitive information from the Wildfly system. This issue could allow a malicious user to access the system and obtain possible sensitive information from the system...

6.5CVSS6.4AI score0.00834EPSS
Exploits0References3
Rows per page
Query Builder