4 matches found
org.wildfly.core:wildfly-elytron-integration: Wildfly Elytron Brute Force Attack via CLI
A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI...
org.wildfly.core:wildfly-elytron-integration: Wildfly Elytron Brute Force Attack via CLI
A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI...
Brute-force Attack
org.wildfly.core, wildfly-elytron-integration is vulnerable to Brute-force Attack. The vulnerability is due to the lack of rate limiting on failed authentication attempts via CLI, allows attackers to perform multiple failed authentication attempts within a short time frame due to the lack of rate...
com.antonyudin.wildfly.security:ay-securityrealm-ejb (=1.0), org.jboss.as:hal-testsuite-basic (=0.0.6) +13 more potentially affected by CVE-2025-23368 via org.wildfly.core:wildfly-elytron-integration (>=10.0.0.Beta1 <=9.0.2.Final)
org.wildfly.core:wildfly-elytron-integration MAVEN version =10.0.0.Beta1, =5.0.0.Alpha6, =3.0.0.Beta17, =5.0.0.Alpha6, =3.0.0.Beta17, =13.0.0.Beta1, =5.0.0.Alpha6, =3.0.0.Beta22, =25.0.0.Final, =25.0.0.Final, =25.0.0.Final, =27.0.0.Alpha2, =27.0.0.Final, =27.0.1.Final Source cves: CVE-2025-23368...