A flaw was found in Wildfly Elytron in versions prior to 1.10.14.Final, prior to 1.15.5.Final and prior to 1.16.1.Final where ScramServer may be susceptible to Timing Attack if enabled. The highest threat of this vulnerability is confidentiality.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2021-08-05T20:48:01

Updated: 2024-08-03T17:01:07.598Z

Reserved: 2021-07-12T00:00:00

Link: CVE-2021-3642

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2021-08-05T21:15:13.183

Modified: 2021-10-20T14:36:57.747

Link: CVE-2021-3642

cve-icon Redhat

Severity : Moderate

Publid Date: 2021-06-30T00:00:00Z

Links: CVE-2021-3642 - Bugzilla