Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-4503

Опубликовано: 06 фев. 2024
Источник: nvd
CVSS3: 6.8
CVSS3: 7.5
EPSS Низкий

Описание

An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:jboss_enterprise_application_platform:-:*:*:*:text-only:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform_expansion_pack:-:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.4:*:*:*:*:*:*:*

Одно из

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

EPSS

Процентиль: 41%
0.00191
Низкий

6.8 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-665

Связанные уязвимости

redhat логотип

CVE-2023-4503

CVSS3: 6.8
redhat
около 2 лет назад

An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server.

github логотип

GHSA-6c6r-r3r9-h62j

CVSS3: 6.8
github
около 2 лет назад

An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server.

EPSS

Процентиль: 41%
0.00191
Низкий

6.8 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-665