CVE-2019-14838
Description
A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server
Risk Information
Base Score
4.9
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
0.381
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2019-14838 are fixed in Wildfly--host-controller 7.2.5 | Windows |
| Vulnerabilities CVE-2019-14838 are affected in Red Hat Data Grid 8 7.3.4 | Windows |
| Vulnerabilities CVE-2019-14838 are affected in Red Hat JBoss Enterprise Application Platform 7 7.2.4 | Windows |
| Vulnerabilities CVE-2019-14838 are fixed in Wildfly--host-controller for Linux 7.2.5 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234