Description

A flaw was found in wildfly. The JBoss EJB client has publicly accessible privileged actions which may lead to information disclosure on the server it is deployed on. The highest threat from this vulnerability is to data confidentiality.

Remediation

References

https://bugzilla.redhat.com/show_bug.cgi?id=1929479

Related Vulnerabilities

CVE-2023-35159 Vulnerability in maven package org.xwiki.platform:xwiki-platform-web-templates

CVE-2022-46769 Vulnerability in maven package org.apache.sling:org.apache.sling.cms.ui

CVE-2020-36381 Vulnerability in npm package aaptjs

CVE-2022-36100 Vulnerability in maven package org.xwiki.platform:xwiki-platform-tag-ui

CVE-2022-25205 Vulnerability in maven package org.jenkins-ci.plugins:dbcharts

Severity

Medium

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Tags

Issue Tracking Vendor Advisory