CVE-2021-3503

Опубликовано: 18 апр. 2022

Источник: nvd

CVSS3: 4.3

CVSS2: 4

EPSS Низкий

Описание

A flaw was found in Wildfly where insufficient RBAC restrictions may lead to expose metrics data. The highest threat from this vulnerability is to the confidentiality.

Ссылки

https://access.redhat.com/security/cve/CVE-2021-3503
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1942693
Issue Tracking
Vendor Advisory
https://github.com/advisories/GHSA-c4r5-xvgw-2942
Third Party Advisory
https://github.com/wildfly/wildfly/pull/14136
Patch
Third Party Advisory
https://issues.redhat.com/browse/WFLY-11933
Vendor Advisory
https://access.redhat.com/security/cve/CVE-2021-3503
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1942693
Issue Tracking
Vendor Advisory
https://github.com/advisories/GHSA-c4r5-xvgw-2942
Third Party Advisory
https://github.com/wildfly/wildfly/pull/14136
Patch
Third Party Advisory
https://issues.redhat.com/browse/WFLY-11933
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:redhat:wildfly:*:*:*:*:*:*:*:*

Версия до 23.0.1 (исключая)

EPSS

Процентиль: 55%

0.00324

Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-200

NVD-CWE-noinfo

Связанные уязвимости

CVE-2021-3503

CVSS3: 4.3

redhat

почти 5 лет назад

A flaw was found in Wildfly where insufficient RBAC restrictions may lead to expose metrics data. The highest threat from this vulnerability is to the confidentiality.

CVE-2021-3503

CVSS3: 4.3

debian

почти 4 года назад

A flaw was found in Wildfly where insufficient RBAC restrictions may l ...

GHSA-c4r5-xvgw-2942

CVSS3: 4.3

github

почти 4 года назад

Metrics exposure in Wildfly

EPSS

Процентиль: 55%

0.00324

Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-200

NVD-CWE-noinfo