CVE-2022-1278

HIGH

WildFly < 27.0.0 - Information Exposure via Trace Payload

Title source: llm
STIX 2.1

Description

A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain.

References (1)

Core 1
Core References
Issue Tracking, Vendor Advisory x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=2073401

Scores

CVSS v3 7.5
EPSS 0.0070
EPSS Percentile 48.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-1188
Status published
Products (9)
org.wildfly.bom/wildfly 0 - 27.0.0.Beta1Maven
redhat/amq 2.0
redhat/amq_online
redhat/integration_camel_k
redhat/integration_service_registry
redhat/jboss_a-mq 7
redhat/jboss_enterprise_application_platform_expansion_pack
redhat/single_sign-on 7.0
redhat/wildfly < 27.0.0
Published Sep 13, 2022
Tracked Since Feb 18, 2026