High severity7.8OSV Advisory· Published May 24, 2022· Updated Jun 17, 2026
CVE-2021-3717
CVE-2021-3717
Description
A flaw was found in Wildfly. An incorrect JBOSS_LOCAL_USER challenge location when using the elytron configuration may lead to JBOSS_LOCAL_USER access to all users on the machine. The highest threat from this vulnerability is to confidentiality, integrity, and availability. This flaw affects wildfly-core versions prior to 17.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.wildfly.core:wildfly-core-parentMaven | < 17.0 | 17.0 |
Affected products
2- Range: 1.0.0.Alpha1, 1.0.0.Alpha10, 1.0.0.Alpha11, …
Patches
Vulnerability mechanics
References
5- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party AdvisoryWEB
- github.com/advisories/GHSA-p9xf-3rm3-qh2hghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-3717ghsaADVISORY
- security.netapp.com/advisory/ntap-20220804-0002/nvdThird Party Advisory
- security.netapp.com/advisory/ntap-20220804-0002ghsaWEB
News mentions
0No linked articles in our index yet.