Vulnerability Details CVE-2019-14843
A flaw was found in Wildfly Security Manager, running under JDK 11 or 8, that authorized requests for any requester. This flaw could be used by a malicious app deployed on the app server to access unauthorized information and possibly conduct further attacks. Versions shipped with Red Hat Jboss EAP 7 and Red Hat SSO 7 are vulnerable to this issue.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.3%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 6.5
References
Products affected by CVE-2019-14843
-
cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0
-
cpe:2.3:a:redhat:single_sign-on:-
-
cpe:2.3:a:redhat:single_sign-on:7.3