Profile Photo
Hello, The above question refers to: https://www.cvedetails.com/vulnerability-list/vendor_id-17992/Wildfly.html  which lists 2 vulnerabilities related to accessing administration panel on TCP port 9990 without any authentication using "anonymous" access that is automatically created. As per the notes above, Wildfly/RedHat dispute the… (Show more)
in WildFly
Profile Photo
Hello We are using Wildfly 15.0.1 and while looking at ways to harden security, we came across a few vulnerabilities that affect Wildfly. Details are given below:   https://www.cvedetails.com/cve/CVE-2019-3894/  - It was discovered that the ElytronManagedThread in Wildfly's Elytron subsystem in versions from 11 to 16 stores a SecurityIdentity… (Show more)
in WildFly