Unauthorized Modification of Server Runtime State Vulnerability

Unauthorized Modification of Server Runtime State Vulnerability

CVE-2019-14838 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server

Learn more about our Cis Benchmark Audit For Server Software.