CVE-2021-20250 – wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client

https://notcve.org/view.php?id=CVE-2021-20250

A flaw was found in wildfly. The JBoss EJB client has publicly accessible privileged actions which may lead to information disclosure on the server it is deployed on. The highest threat from this vulnerability is to data confidentiality. Se encontró un fallo en wildfly. El cliente JBoss EJB presenta acciones privilegiadas de acceso público que pueden conllevar a una divulgación de información en el servidor en el que está implementado. • https://bugzilla.redhat.com/show_bug.cgi?id=1929479 https://access.redhat.com/security/cve/CVE-2021-20250 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •