CVE-2021-3503

Sažetak

A flaw was found in Wildfly where insufficient RBAC restrictions may lead to expose metrics data. The highest threat from this vulnerability is to the confidentiality.

Reference

https://issues.redhat.com/browse/WFLY-11933
https://bugzilla.redhat.com/show_bug.cgi?id=1942693
https://access.redhat.com/security/cve/CVE-2021-3503
https://github.com/wildfly/wildfly/pull/14136
https://github.com/advisories/GHSA-c4r5-xvgw-2942

CVSS

Base:	4.0
Impact:	2.9
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:N/A:N

Zadnje važnije ažuriranje

25-10-2022 - 20:20

Objavljeno

18-04-2022 - 17:15