Critical severity9.8NVD Advisory· Published May 9, 2018· Updated Jun 17, 2026
CVE-2018-10683
CVE-2018-10683
Description
An issue was discovered in WildFly 10.1.2.Final. In the case of a default installation without a security realm reference, an attacker can successfully access the server without authentication. NOTE: the Security Realms documentation in the product's Admin Guide indicates that "without a security realm reference" implies "effectively unsecured." The vendor explicitly supports these unsecured configurations because they have valid use cases during development
Affected products
2Patches
Vulnerability mechanics
References
1- github.com/kmkz/exploit/blob/master/CVE-2018-10682-CVE-2018-10683.txtnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.