A flaw was found in Wildfly. An incorrect JBOSSLOCALUSER challenge location when using the elytron configuration may lead to JBOSSLOCALUSER access to all users on the machine. The highest threat from this vulnerability is to confidentiality, integrity, and availability. This flaw affects wildfly-core versions prior to 17.0.
{ "nvd_published_at": "2022-05-24T19:15:00Z", "cwe_ids": [ "CWE-552" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2022-06-16T23:22:01Z" }