vulnerability
Red Hat JBoss EAP: CVE-2021-3642: Observable Discrepancy
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 3 | (AV:N/AC:M/Au:S/C:P/I:N/A:N) | Jun 30, 2021 | Sep 19, 2024 | Mar 25, 2026 |
Severity
3
CVSS
(AV:N/AC:M/Au:S/C:P/I:N/A:N)
Published
Jun 30, 2021
Added
Sep 19, 2024
Modified
Mar 25, 2026
Description
A flaw was found in Wildfly Elytron in versions prior to 1.10.14.Final, prior to 1.15.5.Final and prior to 1.16.1.Final where ScramServer may be susceptible to Timing Attack if enabled. The highest threat of this vulnerability is confidentiality.. A flaw was found in Wildfly Elytron where ScramServer may be susceptible to Timing Attack if enabled. The highest threat of this vulnerability is confidentiality.
Solution
red-hat-jboss-eap-upgrade-latest
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.