Количество 5
Количество 5
CVE-2019-14887
A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption. This could lead to a leak of the data being passed over the network. Wildfly version 7.2.0.GA, 7.2.3.GA and 7.2.5.CR2 are believed to be vulnerable.
CVE-2019-14887
A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption. This could lead to a leak of the data being passed over the network. Wildfly version 7.2.0.GA, 7.2.3.GA and 7.2.5.CR2 are believed to be vulnerable.
CVE-2019-14887
A flaw was found when an OpenSSL security provider is used with Wildfl ...
GHSA-rvxx-gx2m-h7rc
Inadequate Encryption Strength and Algorithm Downgrade in Wildfly
BDU:2020-05807
Уязвимость сервера приложений Wildfly, связанная с недостаточной обработкой исключительных состояний, позволяющая нарушителю оказать воздействие на конфиденциальность и целостность защищаемой информации
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-14887 A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption. This could lead to a leak of the data being passed over the network. Wildfly version 7.2.0.GA, 7.2.3.GA and 7.2.5.CR2 are believed to be vulnerable. | CVSS3: 7.4 | 0% Низкий | почти 6 лет назад |
 | CVE-2019-14887 A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption. This could lead to a leak of the data being passed over the network. Wildfly version 7.2.0.GA, 7.2.3.GA and 7.2.5.CR2 are believed to be vulnerable. | CVSS3: 9.1 | 0% Низкий | почти 6 лет назад |
| CVE-2019-14887 A flaw was found when an OpenSSL security provider is used with Wildfl ... | CVSS3: 9.1 | 0% Низкий | почти 6 лет назад |
| GHSA-rvxx-gx2m-h7rc Inadequate Encryption Strength and Algorithm Downgrade in Wildfly | CVSS3: 9.1 | 0% Низкий | почти 4 года назад |
 | BDU:2020-05807 Уязвимость сервера приложений Wildfly, связанная с недостаточной обработкой исключительных состояний, позволяющая нарушителю оказать воздействие на конфиденциальность и целостность защищаемой информации | CVSS3: 7.4 | 0% Низкий | почти 6 лет назад |
Уязвимостей на страницу