Red Hat JBoss EAP: CVE-2018-1047: Improper Input Validation
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:N/C:P/I:N/A:N) | Dec 17, 2017 | Sep 19, 2024 | Jul 2, 2025 |
Description
A flaw was found in Wildfly 9.x. A path traversal vulnerability in Undertow's org.wildfly.extension.undertow.deployment.ServletResourceManager.getResource method could lead to information disclosure of arbitrary local files.
Solution
red-hat-jboss-eap-upgrade-latest
References
- CWE-20
- CWE-22
- CVE-2018-1047
- https://attackerkb.com/topics/CVE-2018-1047
- https://access.redhat.com/security/cve/CVE-2018-1047
- https://bugzilla.redhat.com/show_bug.cgi?id=1528361
- https://access.redhat.com/errata/RHSA-2018:1247
- https://access.redhat.com/errata/RHSA-2018:1248
- https://access.redhat.com/errata/RHSA-2018:1249
- https://access.redhat.com/errata/RHSA-2018:1251