Description
A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server
Remediation
References
https://access.redhat.com/errata/RHSA-2019:3082
https://access.redhat.com/errata/RHSA-2019:3083
https://access.redhat.com/errata/RHSA-2019:4018
https://access.redhat.com/errata/RHSA-2019:4019
https://access.redhat.com/errata/RHSA-2019:4020
https://access.redhat.com/errata/RHSA-2019:4021
https://access.redhat.com/errata/RHSA-2019:4040
https://access.redhat.com/errata/RHSA-2019:4041
https://access.redhat.com/errata/RHSA-2019:4042
https://access.redhat.com/errata/RHSA-2019:4045
https://access.redhat.com/errata/RHSA-2020:0728
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14838
Related Vulnerabilities
CVE-2020-16013 Vulnerability in npm package electron
CVE-2021-41182 Vulnerability in npm package jquery-ui
CVE-2020-5411 Vulnerability in maven package org.springframework.batch:spring-batch-core
CVE-2020-1714 Vulnerability in maven package org.keycloak:keycloak-common
CVE-2023-25166 Vulnerability in npm package @sideway/formula