CVE-2019-14838
- Source
- https://cve.org/CVERecord?id=CVE-2019-14838
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-14838.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2019-14838
- Aliases
- Downstream
- Published
- 2019-10-14T15:15:09.710Z
- Modified
- 2026-04-11T12:10:48.841128Z
- Severity
-
- 4.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
- Summary
- [none]
- Details
-
A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server
- Database specific
{ "unresolved_ranges": [ { "extracted_events": [ { "last_affected": "7.3.4" } ], "source": "CPE_FIELD", "cpe": "cpe:2.3:a:redhat:data_grid:7.3.4:*:*:*:*:*:*:*" }, { "extracted_events": [ { "last_affected": "7.2.0" } ], "source": "CPE_FIELD", "cpe": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:*:*:*:*:*:*:*" }, { "extracted_events": [ { "last_affected": "7.2.4" } ], "source": "CPE_FIELD", "cpe": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.4:*:*:*:*:*:*:*" }, { "extracted_events": [ { "last_affected": "7.2.5" } ], "source": "CPE_FIELD", "cpe": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.5:*:*:*:*:*:*:*" }, { "extracted_events": [ { "last_affected": "7.3.0" } ], "source": "CPE_FIELD", "cpe": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3.0:*:*:*:*:*:*:*" }, { "extracted_events": [ { "last_affected": "7.3.5" } ], "source": "CPE_FIELD", "cpe": "cpe:2.3:a:redhat:single_sign-on:7.3.5:*:*:*:*:*:*:*" }, { "extracted_events": [ { "last_affected": "7.0.0-alpha3" } ], "source": "CPE_FIELD", "cpe": "cpe:2.3:a:redhat:wildfly_core:7.0.0:alpha3:*:*:*:*:*:*" } ] }- References
-
- https://access.redhat.com/errata/RHSA-2019:3082
- https://access.redhat.com/errata/RHSA-2019:3083
- https://access.redhat.com/errata/RHSA-2019:4018
- https://access.redhat.com/errata/RHSA-2019:4019
- https://access.redhat.com/errata/RHSA-2019:4020
- https://access.redhat.com/errata/RHSA-2019:4021
- https://access.redhat.com/errata/RHSA-2019:4040
- https://access.redhat.com/errata/RHSA-2019:4041
- https://access.redhat.com/errata/RHSA-2019:4042
- https://access.redhat.com/errata/RHSA-2019:4045
- https://access.redhat.com/errata/RHSA-2020:0728
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14838
Affected packages
Git / github.com/wildfly/wildfly-core
Affected ranges
- Type
- GIT
- Repo
- https://github.com/wildfly/wildfly-core
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affected
- Database specific
{ "extracted_events": [ { "introduced": "0" }, { "last_affected": "7.0.0-NA" }, { "last_affected": "7.0.0-alpha1" }, { "last_affected": "7.0.0-alpha2" }, { "last_affected": "7.0.0-alpha4" }, { "last_affected": "7.0.0-alpha5" }, { "last_affected": "7.0.0-beta1" }, { "last_affected": "7.0.0-cr1" } ], "source": "CPE_FIELD", "cpe": [ "cpe:2.3:a:redhat:wildfly_core:7.0.0:-:*:*:*:*:*:*", "cpe:2.3:a:redhat:wildfly_core:7.0.0:alpha1:*:*:*:*:*:*", "cpe:2.3:a:redhat:wildfly_core:7.0.0:alpha2:*:*:*:*:*:*", "cpe:2.3:a:redhat:wildfly_core:7.0.0:alpha4:*:*:*:*:*:*", "cpe:2.3:a:redhat:wildfly_core:7.0.0:alpha5:*:*:*:*:*:*", "cpe:2.3:a:redhat:wildfly_core:7.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:redhat:wildfly_core:7.0.0:cr1:*:*:*:*:*:*" ] }
Affected versions
1.*
1.0.0.Alpha1
1.0.0.Alpha10
1.0.0.Alpha11
1.0.0.Alpha12
1.0.0.Alpha13
1.0.0.Alpha14
1.0.0.Alpha15
1.0.0.Alpha16
1.0.0.Alpha17
1.0.0.Alpha18
1.0.0.Alpha19
1.0.0.Alpha2
1.0.0.Alpha3
1.0.0.Alpha4
1.0.0.Alpha5
1.0.0.Alpha6
1.0.0.Alpha7
1.0.0.Alpha8
1.0.0.Alpha9
1.0.0.Beta1
1.0.0.Beta2
1.0.0.Beta3
1.0.0.Beta4
1.0.0.Beta5
1.0.0.Beta6
1.0.0.CR1
2.*
2.0.0.Alpha1
2.0.0.Alpha10
2.0.0.Alpha11
2.0.0.Alpha12
2.0.0.Alpha13
2.0.0.Alpha2
2.0.0.Alpha3
2.0.0.Alpha4
2.0.0.Alpha5
2.0.0.Alpha6
2.0.0.Alpha8
2.0.0.Alpha9
2.0.0.Beta1
2.0.0.Beta2
2.0.0.Beta3
2.0.0.Beta4
2.0.0.Beta5
2.0.0.Beta6
2.0.0.Beta7
2.0.0.CR1
2.0.0.CR2
2.0.0.CR3
2.0.0.CR4
2.0.0.CR5
2.0.0.CR6
2.0.0.CR7
2.0.0.CR8
2.0.0.CR9
2.0.0.Final
2.0.10.Final
2.0.2.Final
2.0.3.Final
2.0.4.Final
2.0.5.CR1
2.0.5.Final
2.0.6.Final
2.0.7.Final
2.0.8.Final
2.0.9.Final
2.1.0.CR1
2.1.0.CR2
2.1.0.Final
3.*
3.0.0.Alpha1
3.0.0.Alpha10
3.0.0.Alpha11
3.0.0.Alpha12
3.0.0.Alpha13
3.0.0.Alpha14
3.0.0.Alpha15
3.0.0.Alpha16
3.0.0.Alpha17
3.0.0.Alpha18
3.0.0.Alpha19
3.0.0.Alpha2
3.0.0.Alpha20
3.0.0.Alpha21
3.0.0.Alpha22
3.0.0.Alpha23
3.0.0.Alpha24
3.0.0.Alpha25
3.0.0.Alpha3
3.0.0.Alpha4
3.0.0.Alpha5
3.0.0.Alpha6
3.0.0.Alpha7
3.0.0.Alpha8
3.0.0.Alpha9
3.0.0.Beta1
3.0.0.Beta11
3.0.0.Beta12
3.0.0.Beta13
3.0.0.Beta14
3.0.0.Beta15
3.0.0.Beta16
3.0.0.Beta16-pre
3.0.0.Beta18
3.0.0.Beta19
3.0.0.Beta2
3.0.0.Beta20
3.0.0.Beta21
3.0.0.Beta22
3.0.0.Beta23
3.0.0.Beta24
3.0.0.Beta25
3.0.0.Beta26
3.0.0.Beta27
3.0.0.Beta28
3.0.0.Beta29
3.0.0.Beta3
3.0.0.Beta30
3.0.0.Beta31
3.0.0.Beta4
3.0.0.Beta5
3.0.0.Beta6
3.0.0.Beta7
3.0.0.Beta8
3.0.0.Beta9
3.0.0.CR1
3.0.0.Final
4.*
4.0.0.Alpha1
4.0.0.Alpha10
4.0.0.Alpha2
4.0.0.Alpha3
4.0.0.Alpha4
4.0.0.Alpha5
4.0.0.Alpha6
4.0.0.Alpha7
4.0.0.Alpha8
4.0.0.Alpha9
4.0.0.Beta1
4.0.0.Beta2
4.0.0.CR1
4.0.0.Final
5.*
5.0.0.Alpha1
5.0.0.Alpha2
5.0.0.Alpha3
5.0.0.Alpha4
5.0.0.Alpha5
5.0.0.Alpha6
5.0.0.Alpha7
5.0.0.Beta1
5.0.0.Beta2
5.0.0.Beta3
5.0.0.Beta4
5.0.0.Beta5
5.0.0.CR1
5.0.0.Final
6.*
6.0.0.Alpha1
6.0.0.Alpha2
6.0.0.Alpha3
6.0.0.Alpha4
6.0.0.Alpha5
6.0.0.Beta1
6.0.0.CR1
6.0.0.CR2
6.0.0.CR3
6.0.0.CR4
6.0.0.Final
6.0.1.Final
6.0.2.Final
7.*
7.0.0.Alpha1
7.0.0.Alpha2
7.0.0.Alpha4
7.0.0.Alpha5
7.0.0.Beta1
7.0.0.CR1
7.0.0.Final