First published: Wed Feb 17 2021
A flaw was found in WildFly. The JBoss EJB client has publicly accessible privileged actions, which may lead to information disclosure on the server where it is deployed. The highest threat from this vulnerability is to data confidentiality.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/jboss-ejb-client | <4.0.39 | 4.0.39 |
redhat/eap7-activemq-artemis | <0:2.9.0-9.redhat_00019.1.el6ea | 0:2.9.0-9.redhat_00019.1.el6ea |
redhat/eap7-bouncycastle | <0:1.68.0-1.redhat_00001.1.el6ea | 0:1.68.0-1.redhat_00001.1.el6ea |
redhat/eap7-guava-failureaccess | <0:1.0.1-1.redhat_00002.1.el6ea | 0:1.0.1-1.redhat_00002.1.el6ea |
redhat/eap7-guava-libraries | <0:30.1.0-1.redhat_00001.1.el6ea | 0:30.1.0-1.redhat_00001.1.el6ea |
redhat/eap7-hal-console | <0:3.2.13-1.Final_redhat_00001.1.el6ea | 0:3.2.13-1.Final_redhat_00001.1.el6ea |
redhat/eap7-ironjacamar | <0:1.4.27-1.Final_redhat_00001.1.el6ea | 0:1.4.27-1.Final_redhat_00001.1.el6ea |
redhat/eap7-jboss-ejb-client | <0:4.0.39-1.SP1_redhat_00001.1.el6ea | 0:4.0.39-1.SP1_redhat_00001.1.el6ea |
redhat/eap7-jboss-logmanager | <0:2.1.18-1.Final_redhat_00001.1.el6ea | 0:2.1.18-1.Final_redhat_00001.1.el6ea |
redhat/eap7-jboss-remoting | <0:5.0.20-2.SP1_redhat_00001.1.el6ea | 0:5.0.20-2.SP1_redhat_00001.1.el6ea |
redhat/eap7-jboss-server-migration | <0:1.7.2-5.Final_redhat_00006.1.el6ea | 0:1.7.2-5.Final_redhat_00006.1.el6ea |
redhat/eap7-narayana | <0:5.9.11-1.Final_redhat_00001.1.el6ea | 0:5.9.11-1.Final_redhat_00001.1.el6ea |
redhat/eap7-undertow | <0:2.0.34-1.SP1_redhat_00001.1.el6ea | 0:2.0.34-1.SP1_redhat_00001.1.el6ea |
redhat/eap7-wildfly | <0:7.3.6-1.GA_redhat_00002.1.el6ea | 0:7.3.6-1.GA_redhat_00002.1.el6ea |
redhat/eap7-wildfly-elytron | <0:1.10.11-1.Final_redhat_00001.1.el6ea | 0:1.10.11-1.Final_redhat_00001.1.el6ea |
redhat/eap7-wildfly-http-client | <0:1.0.25-1.Final_redhat_00001.1.el6ea | 0:1.0.25-1.Final_redhat_00001.1.el6ea |
redhat/eap7-wildfly-naming-client | <0:1.0.14-1.Final_redhat_00001.1.el6ea | 0:1.0.14-1.Final_redhat_00001.1.el6ea |
redhat/eap7-activemq-artemis | <0:2.9.0-9.redhat_00019.1.el7ea | 0:2.9.0-9.redhat_00019.1.el7ea |
redhat/eap7-bouncycastle | <0:1.68.0-1.redhat_00001.1.el7ea | 0:1.68.0-1.redhat_00001.1.el7ea |
redhat/eap7-guava-failureaccess | <0:1.0.1-1.redhat_00002.1.el7ea | 0:1.0.1-1.redhat_00002.1.el7ea |
redhat/eap7-guava-libraries | <0:30.1.0-1.redhat_00001.1.el7ea | 0:30.1.0-1.redhat_00001.1.el7ea |
redhat/eap7-hal-console | <0:3.2.13-1.Final_redhat_00001.1.el7ea | 0:3.2.13-1.Final_redhat_00001.1.el7ea |
redhat/eap7-ironjacamar | <0:1.4.27-1.Final_redhat_00001.1.el7ea | 0:1.4.27-1.Final_redhat_00001.1.el7ea |
redhat/eap7-jboss-ejb-client | <0:4.0.39-1.SP1_redhat_00001.1.el7ea | 0:4.0.39-1.SP1_redhat_00001.1.el7ea |
redhat/eap7-jboss-logmanager | <0:2.1.18-1.Final_redhat_00001.1.el7ea | 0:2.1.18-1.Final_redhat_00001.1.el7ea |
redhat/eap7-jboss-remoting | <0:5.0.20-2.SP1_redhat_00001.1.el7ea | 0:5.0.20-2.SP1_redhat_00001.1.el7ea |
redhat/eap7-jboss-server-migration | <0:1.7.2-5.Final_redhat_00006.1.el7ea | 0:1.7.2-5.Final_redhat_00006.1.el7ea |
redhat/eap7-narayana | <0:5.9.11-1.Final_redhat_00001.1.el7ea | 0:5.9.11-1.Final_redhat_00001.1.el7ea |
redhat/eap7-undertow | <0:2.0.34-1.SP1_redhat_00001.1.el7ea | 0:2.0.34-1.SP1_redhat_00001.1.el7ea |
redhat/eap7-wildfly | <0:7.3.6-1.GA_redhat_00002.1.el7ea | 0:7.3.6-1.GA_redhat_00002.1.el7ea |
redhat/eap7-wildfly-elytron | <0:1.10.11-1.Final_redhat_00001.1.el7ea | 0:1.10.11-1.Final_redhat_00001.1.el7ea |
redhat/eap7-wildfly-http-client | <0:1.0.25-1.Final_redhat_00001.1.el7ea | 0:1.0.25-1.Final_redhat_00001.1.el7ea |
redhat/eap7-wildfly-naming-client | <0:1.0.14-1.Final_redhat_00001.1.el7ea | 0:1.0.14-1.Final_redhat_00001.1.el7ea |
redhat/eap7-activemq-artemis | <0:2.9.0-9.redhat_00019.1.el8ea | 0:2.9.0-9.redhat_00019.1.el8ea |
redhat/eap7-bouncycastle | <0:1.68.0-1.redhat_00001.1.el8ea | 0:1.68.0-1.redhat_00001.1.el8ea |
redhat/eap7-guava-failureaccess | <0:1.0.1-1.redhat_00002.1.el8ea | 0:1.0.1-1.redhat_00002.1.el8ea |
redhat/eap7-guava-libraries | <0:30.1.0-1.redhat_00001.1.el8ea | 0:30.1.0-1.redhat_00001.1.el8ea |
redhat/eap7-hal-console | <0:3.2.13-1.Final_redhat_00001.1.el8ea | 0:3.2.13-1.Final_redhat_00001.1.el8ea |
redhat/eap7-ironjacamar | <0:1.4.27-1.Final_redhat_00001.1.el8ea | 0:1.4.27-1.Final_redhat_00001.1.el8ea |
redhat/eap7-jboss-ejb-client | <0:4.0.39-1.SP1_redhat_00001.1.el8ea | 0:4.0.39-1.SP1_redhat_00001.1.el8ea |
redhat/eap7-jboss-logmanager | <0:2.1.18-1.Final_redhat_00001.1.el8ea | 0:2.1.18-1.Final_redhat_00001.1.el8ea |
redhat/eap7-jboss-remoting | <0:5.0.20-2.SP1_redhat_00001.1.el8ea | 0:5.0.20-2.SP1_redhat_00001.1.el8ea |
redhat/eap7-jboss-server-migration | <0:1.7.2-5.Final_redhat_00006.1.el8ea | 0:1.7.2-5.Final_redhat_00006.1.el8ea |
redhat/eap7-narayana | <0:5.9.11-1.Final_redhat_00001.1.el8ea | 0:5.9.11-1.Final_redhat_00001.1.el8ea |
redhat/eap7-undertow | <0:2.0.34-1.SP1_redhat_00001.1.el8ea | 0:2.0.34-1.SP1_redhat_00001.1.el8ea |
redhat/eap7-wildfly | <0:7.3.6-1.GA_redhat_00002.1.el8ea | 0:7.3.6-1.GA_redhat_00002.1.el8ea |
redhat/eap7-wildfly-elytron | <0:1.10.11-1.Final_redhat_00001.1.el8ea | 0:1.10.11-1.Final_redhat_00001.1.el8ea |
redhat/eap7-wildfly-http-client | <0:1.0.25-1.Final_redhat_00001.1.el8ea | 0:1.0.25-1.Final_redhat_00001.1.el8ea |
redhat/eap7-wildfly-naming-client | <0:1.0.14-1.Final_redhat_00001.1.el8ea | 0:1.0.14-1.Final_redhat_00001.1.el8ea |
Redhat Jboss-ejb-client | <4.0.39 | |
Redhat Jboss Enterprise Application Platform Expansion Pack | | |