CVE-2021-20250
MEDIUM4.3EPSS 0.29%JBoss EJB Client information disclosure vulnerability
發布日:2022/5/24修改日:2023/11/8
描述
A flaw was found in wildfly. The JBoss EJB client has publicly accessible privileged actions which may lead to information disclosure on the server it is deployed on. The highest threat from this vulnerability is to data confidentiality.
受影響套件(1)
- Maven/org.jboss:jboss-ejb-clientfrom 0, < 4.0.39
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM4.3 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |