CVE-2021-20250
PUBLISHED
Multiple vulnerabilities exist in Red Hat JBoss Enterprise Application Platform. The vulnerabilities are in the "Undertow" and "wildfly" components and are caused by HTTP request smuggling and by the availability of publicly accessible privileged actions. A remote anonymous or authenticated attacker can exploit these vulnerabilities to disclose sensitive information, manipulate data, or carry out a cross-site scripting attack.
EPSS 0.29% · 52.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Splunk | Splunk Splunk Enterprise Add-on for JBoss | <3.1.1 |
| Red Hat | Red Hat Enterprise Linux | |
| Red Hat | Red Hat JBoss Enterprise Application Platform | <7.1.8 |
| Red Hat | Red Hat JBoss Enterprise Application Platform | <7.3.6 |
Timeline
- Mar 16, 2021 CVE Published
- May 14, 2021 EPSS Score
- Jul 17, 2021 EPSS Score
- Sep 16, 2021 EPSS Score
- Nov 17, 2021 EPSS Score
- Jan 18, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Mar 20, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 21, 2022 EPSS Score
- Jul 23, 2022 EPSS Score
- Sep 23, 2022 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2023-1272.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1272 advisory
- https://access.redhat.com/errata/RHSA-2021:0872 advisory
- https://access.redhat.com/errata/RHSA-2021:0873 advisory
- https://access.redhat.com/errata/RHSA-2021:0874 advisory
- https://access.redhat.com/errata/RHSA-2021:0885 advisory
- https://access.redhat.com/errata/RHSA-2021:0974 advisory
- https://access.redhat.com/errata/RHSA-2021:1401 advisory
- https://access.redhat.com/errata/RHSA-2021:2210 advisory
- https://access.redhat.com/errata/RHSA-2021:2755 advisory
- https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2021-125/index.html advisory
- https://access.redhat.com/errata/RHSA-2021:3140 advisory
- https://access.redhat.com/errata/RHSA-2021:3205 advisory
- https://access.redhat.com/errata/RHSA-2021:4702 advisory
- https://access.redhat.com/errata/RHSA-2021:4767 advisory
- https://access.redhat.com/errata/RHSA-2022:1013 advisory
- https://access.redhat.com/errata/RHSA-2022:1029 advisory
- https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-116/index.html advisory
- https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-134/index.html advisory
- https://access.redhat.com/errata/RHSA-2024:10208 advisory
…and 1 more