Vulnerability Details CVE-2020-10740
A vulnerability was found in Wildfly in versions before 20.0.0.Final, where a remote deserialization attack is possible in the Enterprise Application Beans(EJB) due to lack of validation/filtering capabilities in wildfly.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.6%
CVSS Severity
CVSS v3 Score 6.6
CVSS v2 Score 6.0
References
Products affected by CVE-2020-10740
-
cpe:2.3:a:redhat:wildfly:-
-
cpe:2.3:a:redhat:wildfly:10.0.0
-
cpe:2.3:a:redhat:wildfly:10.1.0
-
cpe:2.3:a:redhat:wildfly:10.1.2
-
cpe:2.3:a:redhat:wildfly:11.0.0
-
cpe:2.3:a:redhat:wildfly:12.0.0
-
cpe:2.3:a:redhat:wildfly:13.0.0
-
cpe:2.3:a:redhat:wildfly:14.0.0
-
cpe:2.3:a:redhat:wildfly:14.0.1
-
cpe:2.3:a:redhat:wildfly:15.0.0
-
cpe:2.3:a:redhat:wildfly:15.0.1
-
cpe:2.3:a:redhat:wildfly:16.0.0
-
cpe:2.3:a:redhat:wildfly:17.0.0
-
cpe:2.3:a:redhat:wildfly:17.0.1
-
cpe:2.3:a:redhat:wildfly:18.0.0
-
cpe:2.3:a:redhat:wildfly:18.0.1
-
cpe:2.3:a:redhat:wildfly:19.0.0
-
cpe:2.3:a:redhat:wildfly:19.1.0
-
cpe:2.3:a:redhat:wildfly:7.2.0
-
cpe:2.3:a:redhat:wildfly:7.2.3
-
cpe:2.3:a:redhat:wildfly:7.2.5
-
cpe:2.3:a:redhat:wildfly:8.0.0
-
cpe:2.3:a:redhat:wildfly:8.1.0
-
cpe:2.3:a:redhat:wildfly:8.2.0
-
cpe:2.3:a:redhat:wildfly:8.2.1
-
cpe:2.3:a:redhat:wildfly:9.0.0
-
cpe:2.3:a:redhat:wildfly:9.0.1
-
cpe:2.3:a:redhat:wildfly:9.0.2