Critical severity9.1NVD Advisory· Published Mar 16, 2020· Updated Jun 17, 2026
CVE-2019-14887
CVE-2019-14887
Description
A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption. This could lead to a leak of the data being passed over the network. Wildfly version 7.2.0.GA, 7.2.3.GA and 7.2.5.CR2 are believed to be vulnerable.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Red Hat/wildflyv5Range: 7.2.0.GA, 7.2.3.GA, 7.2.5.CR2
Patches
Vulnerability mechanics
References
3- bugzilla.redhat.com/show_bug.cginvdIssue TrackingVendor Advisory
- security.netapp.com/advisory/ntap-20200327-0007/nvdThird Party Advisory
- issues.redhat.com/browse/JBEAP-17965nvdPermissions Required
News mentions
0No linked articles in our index yet.