Description

A flaw was found in wildfly. The JBoss EJB client has publicly accessible privileged actions which may lead to information disclosure on the server it is deployed on. The highest threat from this vulnerability is to data confidentiality.

Remediation

References

https://bugzilla.redhat.com/show_bug.cgi?id=1929479

Related Vulnerabilities

CVE-2020-2257 Vulnerability in maven package org.jenkins-ci.plugins:validating-string-parameter

CVE-2023-33201 Vulnerability in maven package org.bouncycastle:bcprov-debug-jdk18on

CVE-2022-37616 Vulnerability in maven package org.webjars.npm:xmldom

CVE-2022-45210 Vulnerability in maven package org.jeecgframework.boot:jeecg-module-system

CVE-2022-24814 Vulnerability in npm package directus

Severity

Medium

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Tags

Issue Tracking Vendor Advisory