CVE-2019-14838

A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server

Link	Resource
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14838	Issue Tracking Vendor Advisory
https://access.redhat.com/errata/RHSA-2019:3083	Vendor Advisory
https://access.redhat.com/errata/RHSA-2019:3082	Vendor Advisory
https://access.redhat.com/errata/RHSA-2019:4018	Vendor Advisory
https://access.redhat.com/errata/RHSA-2019:4021	Vendor Advisory
https://access.redhat.com/errata/RHSA-2019:4020	Vendor Advisory
https://access.redhat.com/errata/RHSA-2019:4019	Vendor Advisory
https://access.redhat.com/errata/RHSA-2019:4041	Vendor Advisory
https://access.redhat.com/errata/RHSA-2019:4040	Vendor Advisory
https://access.redhat.com/errata/RHSA-2019:4042	Vendor Advisory
https://access.redhat.com/errata/RHSA-2019:4045	Vendor Advisory
https://access.redhat.com/errata/RHSA-2020:0728	Vendor Advisory

Configuration 1

cpe:2.3:a:redhat:wildfly_core:7.0.0:alpha1:*:*:*:*:*:* cpe:2.3:a:redhat:wildfly_core:7.0.0:alpha2:*:*:*:*:*:* cpe:2.3:a:redhat:wildfly_core:7.0.0:alpha3:*:*:*:*:*:* cpe:2.3:a:redhat:wildfly_core:7.0.0:alpha4:*:*:*:*:*:* cpe:2.3:a:redhat:wildfly_core:7.0.0:alpha5:*:*:*:*:*:* cpe:2.3:a:redhat:wildfly_core:7.0.0:cr1:*:*:*:*:*:* cpe:2.3:a:redhat:wildfly_core:7.0.0:beta1:*:*:*:*:*:* cpe:2.3:a:redhat:wildfly_core:7.0.0:-:*:*:*:*:*:* cpe:2.3:a:redhat:data_grid:7.3.4:*:*:*:*:*:*:* cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.4:*:*:*:*:*:*:*

---

Published : 2019-10-14 03:15

Updated : 2020-10-13 04:21

---

NVD link : CVE-2019-14838

Mitre link : CVE-2019-14838

No products.

CWE-269