Lucene search

Veracode Vulnerability DatabaseVERACODE:26343

HistoryAug 18, 2020 - 2:04 a.m.

Information Disclosure

2020-08-1802:04:01

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

JSON

wildfly is vulnerable to information disclosure. The vulnerability through the exposed setting of TCCL at EmbeddedManagedProcess API.

CPENameOperatorVersion
eap7-hibernate-validatoreq6.0.16__1.Final_redhat_00001.1.el7eap
eap7-hibernate-validatoreq5.2.5__1.Final_redhat_1.1.ep7.el7
eap7-hibernate-validatoreq5.2.4__1.Final_redhat_1.1.ep7.el6
eap7-hibernate-validatoreq5.3.5__3.Final_redhat_2.1.ep7.el7
eap7-hibernate-validatoreq5.2.4__1.Final_redhat_1.1.ep7.el7
eap7-hibernate-validatoreq6.0.14__1.Final_redhat_00001.1.el8eap
eap7-hibernate-validatoreq6.0.14__1.Final_redhat_00001.1.el6eap
eap7-hibernate-validatoreq6.0.14__1.Final_redhat_00001.1.el7eap
eap7-hibernate-validatoreq6.0.18__1.Final_redhat_00001.1.el7eap
eap7-hibernate-validatoreq6.0.18__1.Final_redhat_00001.1.el6eap

Name	Operator	Version
eap7-hibernate-validator	eq	6.0.16__1.Final_redhat_00001.1.el7eap
eap7-hibernate-validator	eq	5.2.5__1.Final_redhat_1.1.ep7.el7
eap7-hibernate-validator	eq	5.2.4__1.Final_redhat_1.1.ep7.el6
eap7-hibernate-validator	eq	5.3.5__3.Final_redhat_2.1.ep7.el7
eap7-hibernate-validator	eq	5.2.4__1.Final_redhat_1.1.ep7.el7
eap7-hibernate-validator	eq	6.0.14__1.Final_redhat_00001.1.el8eap
eap7-hibernate-validator	eq	6.0.14__1.Final_redhat_00001.1.el6eap
eap7-hibernate-validator	eq	6.0.14__1.Final_redhat_00001.1.el7eap
eap7-hibernate-validator	eq	6.0.18__1.Final_redhat_00001.1.el7eap
eap7-hibernate-validator	eq	6.0.18__1.Final_redhat_00001.1.el6eap

Rows per page:

1-10 of 8161

References

access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/

access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/

access.redhat.com/errata/RHSA-2020:3461

access.redhat.com/security/updates/classification/#important

bugzilla.redhat.com/show_bug.cgi?id=1828476

issues.redhat.com/browse/JBEAP-18793

issues.redhat.com/browse/JBEAP-19095

issues.redhat.com/browse/JBEAP-19134

issues.redhat.com/browse/JBEAP-19185

issues.redhat.com/browse/JBEAP-19203

issues.redhat.com/browse/JBEAP-19205

issues.redhat.com/browse/JBEAP-19269

issues.redhat.com/browse/JBEAP-19322

issues.redhat.com/browse/JBEAP-19325

issues.redhat.com/browse/JBEAP-19397

issues.redhat.com/browse/JBEAP-19409

issues.redhat.com/browse/JBEAP-19529

issues.redhat.com/browse/JBEAP-19564

issues.redhat.com/browse/JBEAP-19585

issues.redhat.com/browse/JBEAP-19617

issues.redhat.com/browse/JBEAP-19619

issues.redhat.com/browse/JBEAP-19673

issues.redhat.com/browse/JBEAP-19674

issues.redhat.com/browse/JBEAP-19874

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

JSON

Related for VERACODE:26343