CVE-2020-1748
Published 2020-09-16
High, 7.5 (CVSS 3.1)
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
A flaw was found in all supported versions before wildfly-elytron-1.6.8.Final-redhat-00001, where the WildFlySecurityManager checks were bypassed when using custom security managers, resulting in an improper authorization. This flaw leads to information exposure by unauthenticated access to secure resources.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| redhat | decision_manager | — | — |
| redhat | process_automation | — | — |
| redhat | wildfly_elytron | < 1.6.8.final-redhat-00001 | 1.6.8.final-redhat-00001 |
| redhat | wildfly_elytron | — | — |