2.1
CVSSv2

CVE-2018-1047

Published: 24/01/2018 Updated: 09/10/2019
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 187
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

A flaw was found in Wildfly 9.x. A path traversal vulnerability through the org.wildfly.extension.undertow.deployment.ServletResourceManager.getResource method could lead to information disclosure of arbitrary local files.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

redhat jboss_enterprise_application_platform 7.1.0

Vendor Advisories

Synopsis Important: Red Hat JBoss Enterprise Application Platform 712 security update Type/Severity Security Advisory: Important Topic Updated packages that provide Red Hat JBoss Enterprise Application Platform 712, fixes several bugs, and adds various enhancements are now available for Red Hat Enterpri ...
Synopsis Moderate: Red Hat OpenShift Application Runtimes Thorntail 220 security & bug fix update Type/Severity Security Advisory: Moderate Topic An update is now available for Red Hat OpenShift Application RuntimesRed Hat Product Security has rated this update as having a security impactof Moderate ...
Synopsis Important: jboss-ec2-eap package for EAP 712 Type/Severity Security Advisory: Important Topic An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 712 for Red Hat Enterprise Linux 6 and Red Hat JBoss Enterprise Application Platform 712 for Red Ha ...
Synopsis Important: JBoss Enterprise Application Platform 712 on RHEL 6 Type/Severity Security Advisory: Important Topic Updated packages that provide Red Hat JBoss Enterprise Application Platform 712 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6Red ...
Synopsis Important: JBoss Enterprise Application Platform 712 for RHEL 7 Type/Severity Security Advisory: Important Topic Updated packages that provide Red Hat JBoss Enterprise Application Platform 712 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7Re ...
A path traversal vulnerability was discovered in Undertow's orgwildflyextensionundertowdeploymentServletResourceManagergetResource method This could lead to information disclosure of arbitrary local files ...