#VU81930 Permissions, Privileges, and Access Controls in Wildfly Core - CVE-2023-4061

Cybersecurity Help s.r.o.

Published: 2023-10-11

Vulnerability identifier: #VU81930

Vulnerability risk: Low

CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-4061

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Wildfly Core
Server applications / Application servers

Vendor: Red Hat Inc.

Description

The vulnerability allows a remote user to gain access to sensitive information.

The vulnerability exists due to improper privilege management in the RBAC implementation. A remote user can use the resolve-expression in the HAL interface to read system properties from the Wildfly system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Wildfly Core: 10.0.0 - 21.1.1

External links
https://github.com/wildfly/wildfly-core/releases/tag/22.0.0.Final
https://bugzilla.redhat.com/show_bug.cgi?id=2228608

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in JBoss Enterprise Application Platform 7.4 for RHEL 9

Multiple vulnerabilities in JBoss Enterprise Application Platform 7.4 for RHEL 7

Multiple vulnerabilities in JBoss Enterprise Application Platform 7.4 for RHEL 8

Multiple vulnerabilities in Red Hat JBoss Enterprise Application Platform

Multiple vulnerabilities in Wildfly Core