CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Redhat: >> Wildfly Elytron >> 1.10.14 Security Vulnerabilities

CVE-2020-10714

A flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM authentication with a session ID in the URL, an attacker could perform a session fixation attack. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

CVSS Score

7.5

EPSS Score

0.004

Published

2020-09-23

Page 1

Vulnerabilities

Vulnerable Software

Redhat: >> Wildfly Elytron >> 1.10.14 Security Vulnerabilities

Products

Pricing

Contact Us