CVE-2021-3717

Summary

A flaw was found in Wildfly. An incorrect JBOSS_LOCAL_USER challenge location when using the elytron configuration may lead to JBOSS_LOCAL_USER access to all users on the machine. The highest threat from this vulnerability is to confidentiality, integrity, and availability. This flaw affects wildfly-core versions prior to 17.0.

Affected Software

VendorProductVersion RangeStatus
n/awildflywildfly-core 17.0affected

Weaknesses

  • CWE-552: CWE-552

ADP Enrichment

CVE Program Container

Additional References

References