Описание
A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain.
Ссылки
- Issue TrackingVendor Advisory
- Issue TrackingVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 27.0.0 (исключая)
cpe:2.3:a:redhat:wildfly:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:a:redhat:amq:2.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:amq_online:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:integration_camel_k:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:integration_service_registry:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_a-mq:7:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform_expansion_pack:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*
EPSS
Процентиль: 75%
0.00883
Низкий
7.5 High
CVSS3
Дефекты
CWE-1188
CWE-1188
Связанные уязвимости
CVSS3: 7.5
redhat
почти 4 года назад
A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain.
CVSS3: 7.5
debian
больше 3 лет назад
A flaw was found in WildFly, where an attacker can see deployment name ...
CVSS3: 7.5
github
больше 3 лет назад
WildFly vulnerable to Insecure Default Initialization of Resource
EPSS
Процентиль: 75%
0.00883
Низкий
7.5 High
CVSS3
Дефекты
CWE-1188
CWE-1188