Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Jboss EAP Observable Differences in Behavior to Error Inputs Vulnerability - CVE-2021-3642 - Vulnerability Database
Jboss EAP

Jboss EAP Observable Differences in Behavior to Error Inputs Vulnerability - CVE-2021-3642

Medium
Reference: CVE-2021-3642
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-3642
Title: Jboss EAP Observable Differences in Behavior to Error Inputs Vulnerability
Overview:

A flaw was found in Wildfly Elytron where ScramServer may be susceptible to Timing Attack if enabled. The highest threat of this vulnerability is confidentiality. This flaw affectes Wildfly Elytron versions prior to 1.10.14.Final prior to 1.15.5.Final and prior to 1.16.1.Final.