CVE-2016-6345

MEDIUM

RESTEasy - Info Disclosure

Title source: llm

Description

RESTEasy allows remote authenticated users to obtain sensitive information by leveraging "insufficient use of random values" in async jobs.

References (2)

Scores

CVSS v3 6.5
EPSS 0.0008
EPSS Percentile 24.5%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Classification

CWE
CWE-200
Status published

Affected Products (3)

redhat/resteasy
org.jboss.resteasy/resteasy-client < 3.0.20.FinalMaven
n/a/n/a

Timeline

Published Sep 07, 2016
Tracked Since Feb 18, 2026