VYPR
Critical severity9.8NVD Advisory· Published May 9, 2018· Updated Jun 17, 2026

CVE-2018-10683

CVE-2018-10683

Description

An issue was discovered in WildFly 10.1.2.Final. In the case of a default installation without a security realm reference, an attacker can successfully access the server without authentication. NOTE: the Security Realms documentation in the product's Admin Guide indicates that "without a security realm reference" implies "effectively unsecured." The vendor explicitly supports these unsecured configurations because they have valid use cases during development

Affected products

2
  • Wildfly/Wildflyinferred2 versions
    = 10.1.2.Final+ 1 more
    • (no CPE)range: = 10.1.2.Final
    • (no CPE)range: = 10.1.2.Final

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.