PT-2019-13854 · Red Hat · Wildfly-Core
Published: 2019-10-14 · Updated: 2022-05-24 · CVE-2019-14838
CVSS v3.1: 5.2 (Medium)
| Vector | AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:H |
Name of the Vulnerable Software and Affected Versions
Wildfly-core versions prior to 7.2.5.GA
Description
A flaw was found that allows Management users with Monitor, Auditor, and Deployer Roles to modify the runtime state of the server, which they should not be allowed to do.
Recommendations
For versions prior to 7.2.5.GA, update to version 7.2.5.GA or later to resolve the issue.
Fix
Improper Access Control
Improper Privilege Management
Related identifiers
Affected products
Wildfly-Core