Description
A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption. This could lead to a leak of the data being passed over the network. Wildfly version 7.2.0.GA, 7.2.3.GA and 7.2.5.CR2 are believed to be vulnerable.
Remediation
References
Related Vulnerabilities
WordPress Plugin Import XML and RSS Feeds Arbitrary File Upload (2.1.3)
WordPress Plugin WP Easy Gallery 'select_gallery' Parameter Cross-Site Scripting (1.7)
MySQL CVE-2018-3247 Vulnerability (CVE-2018-3247)
Internet Information Services Other Vulnerability (CVE-2000-0071)
WordPress Plugin ABC Test 'id' Parameter Cross-Site Scripting (0.1)