PT-2018-10051 · Red Hat · Wildfly

Bourbon Jean-Marie +3

Published: 2018-05-09 · Updated: 2024-08-05 · CVE-2018-10683

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: WildFly version 10.1.2.Final

Description: An issue was discovered where an attacker can access the server without authentication in the case of a default installation without a security realm reference. This is because the configuration is effectively unsecured, as indicated by the Security Realms documentation in the product's Admin Guide. The vendor supports these unsecured configurations due to valid use cases during development.

Recommendations: For WildFly version 10.1.2.Final, consider configuring a security realm reference to secure the server and prevent unauthorized access. As a temporary workaround, restrict access to the server to minimize the risk of exploitation.
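
One way to check a configuration for the condition described above, as an added example that is not part of the original advisory or the vendor's tooling. It assumes the references in question are the security-realm attributes on the management interfaces in standalone.xml; the sample XML is constructed and trimmed, and the function name is hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a trimmed <management> section in the style of a
# WildFly 10 standalone.xml. The native interface carries no security-realm
# attribute, so nothing authenticates callers on that interface.
SAMPLE_UNSECURED = """<server xmlns="urn:jboss:domain:4.2">
  <management>
    <management-interfaces>
      <native-interface>
        <socket-binding native="management-native"/>
      </native-interface>
      <http-interface security-realm="ManagementRealm" http-upgrade-enabled="true">
        <socket-binding http="management-http"/>
      </http-interface>
    </management-interfaces>
  </management>
</server>"""

# Corrected form: the same interface now references a realm.
SAMPLE_SECURED = SAMPLE_UNSECURED.replace(
    "<native-interface>", '<native-interface security-realm="ManagementRealm">')

# Assumption: these are the interface elements that take a security-realm.
INTERFACES = {"http-interface", "native-interface"}


def local(tag):
    """Strip the XML namespace so the check works across schema versions."""
    return tag.rsplit("}", 1)[-1]


def unsecured_interfaces(xml_text):
    """Return the management interfaces that lack a security-realm reference."""
    root = ET.fromstring(xml_text)
    findings = []
    for group in root.iter():
        if local(group.tag) != "management-interfaces":
            continue
        for iface in group:
            name = local(iface.tag)
            # A missing or blank attribute both count as "no reference".
            if name in INTERFACES and not (iface.get("security-realm") or "").strip():
                findings.append(name)
    return findings


if __name__ == "__main__":
    for label, doc in (("unsecured", SAMPLE_UNSECURED), ("secured", SAMPLE_SECURED)):
        print(label, unsecured_interfaces(doc) or "every interface references a realm")
```

The check only covers the legacy security-realm attribute; it does not verify that the referenced realm is defined or how it authenticates.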

Exploit

Fix

Weakness Enumeration: Improper Authentication

Related Identifiers: CVE-2018-10683

Affected Products: Wildfly