A flaw was found in Wildfly where insufficient RBAC restrictions may lead to expose metrics data. The highest threat from this vulnerability is to the confidentiality.
References
Link | Resource |
---|---|
https://access.redhat.com/security/cve/CVE-2021-3503 | Vendor Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=1942693 | Issue Tracking Vendor Advisory |
https://github.com/advisories/GHSA-c4r5-xvgw-2942 | Third Party Advisory |
https://github.com/wildfly/wildfly/pull/14136 | Patch Third Party Advisory |
https://issues.redhat.com/browse/WFLY-11933 | Vendor Advisory |
Configurations
History
25 Oct 2022, 20:20
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:redhat:wildfly:17.0.1:*:*:*:*:*:*:* cpe:2.3:a:redhat:wildfly:16.0.0:-:*:*:*:*:*:* cpe:2.3:a:redhat:wildfly:17.0.0:-:*:*:*:*:*:* |
cpe:2.3:a:redhat:wildfly:*:*:*:*:*:*:*:* |
CVSS |
v2 : v3 : |
v2 : 4.0
v3 : 4.3 |
References | (MISC) https://access.redhat.com/security/cve/CVE-2021-3503 - Vendor Advisory | |
References | (MISC) https://github.com/wildfly/wildfly/pull/14136 - Patch, Third Party Advisory | |
References | (MISC) https://github.com/advisories/GHSA-c4r5-xvgw-2942 - Third Party Advisory |
24 Aug 2022, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | A flaw was found in Wildfly where insufficient RBAC restrictions may lead to expose metrics data. The highest threat from this vulnerability is to the confidentiality. |
09 Jun 2022, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
27 Apr 2022, 01:12
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo | |
First Time |
Redhat wildfly
Redhat |
|
CPE | cpe:2.3:a:redhat:wildfly:17.0.1:*:*:*:*:*:*:* cpe:2.3:a:redhat:wildfly:16.0.0:-:*:*:*:*:*:* cpe:2.3:a:redhat:wildfly:21.0.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:wildfly:17.0.0:-:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 5.3 |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1942693 - Issue Tracking, Vendor Advisory | |
References | (MISC) https://issues.redhat.com/browse/WFLY-11933 - Vendor Advisory |
18 Apr 2022, 17:45
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-04-18 17:15
Updated : 2023-12-10 14:22
NVD link : CVE-2021-3503
Mitre link : CVE-2021-3503
CVE.ORG link : CVE-2021-3503
JSON object : View
Products Affected
redhat
- wildfly
CWE