vulnerability
Red Hat JBoss EAP: CVE-2021-3642: Observable Discrepancy
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 3 | (AV:N/AC:M/Au:S/C:P/I:N/A:N) | Jun 30, 2021 | Sep 19, 2024 | Jul 2, 2025 |
Severity
3
CVSS
(AV:N/AC:M/Au:S/C:P/I:N/A:N)
Published
Jun 30, 2021
Added
Sep 19, 2024
Modified
Jul 2, 2025
Description
A flaw was found in Wildfly Elytron in versions prior to 1.10.14.Final, prior to 1.15.5.Final and prior to 1.16.1.Final where ScramServer may be susceptible to Timing Attack if enabled. The highest threat of this vulnerability is confidentiality.. A flaw was found in Wildfly Elytron where ScramServer may be susceptible to Timing Attack if enabled. The highest threat of this vulnerability is confidentiality.
Solution
red-hat-jboss-eap-upgrade-latest
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.