CVE-2021-20250

Source
https://nvd.nist.gov/vuln/detail/CVE-2021-20250
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-20250.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-20250
Aliases
Related
Published
2021-05-13T14:15:17Z
Modified
2024-10-11T09:41:28Z
Severity
  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

A flaw was found in wildfly. The JBoss EJB client has publicly accessible privileged actions which may lead to information disclosure on the server it is deployed on. The highest threat from this vulnerability is to data confidentiality.

References

Affected packages

Git / github.com/wildfly/jboss-ejb-client

Affected ranges

Type
GIT
Repo
https://github.com/wildfly/jboss-ejb-client
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed