Red Hat JBoss EAP: CVE-2021-20250: Exposure of Sensitive Information to an Unauthorized Actor
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:P/I:N/A:N) | Feb 17, 2021 | Sep 19, 2024 | Jul 2, 2025 |
Description
A flaw was found in WildFly. The JBoss EJB client has publicly accessible privileged actions which may lead to information disclosure on the server it is deployed on. The highest threat from this vulnerability is to data confidentiality.
Solution
red-hat-jboss-eap-upgrade-latest
References
- CWE-200
- CVE-2021-20250
- https://attackerkb.com/topics/CVE-2021-20250
- https://access.redhat.com/security/cve/CVE-2021-20250
- https://bugzilla.redhat.com/show_bug.cgi?id=1929479
- https://access.redhat.com/errata/RHSA-2021:0872
- https://access.redhat.com/errata/RHSA-2021:0873
- https://access.redhat.com/errata/RHSA-2021:0874
- https://access.redhat.com/errata/RHSA-2021:0885