A vulnerability was found in WildFly’s management interface. The management interface places no limit on the number of sockets it opens, and there is no way to configure or set a maximum number of connections, so it may be possible to cause a denial of service by hitting the nofile limit.
Fixes

Solution

No solution given by the vendor.


Workaround

Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.

History

Tue, 05 Nov 2024 02:15:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| CPEs | cpe:/a:redhat:jboss_enterprise_application_platform:8 | cpe:/a:redhat:jboss_enterprise_application_platform:8.0 |
| | | cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 |
| | | cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 |
| References | | |

Tue, 15 Oct 2024 01:15:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'} |


Tue, 15 Oct 2024 00:45:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| CPEs | cpe:/a:redhat:jboss_enterprise_application_platform:7 | cpe:/a:redhat:jboss_enterprise_application_platform:7.4 |
| | | cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7 |
| | | cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8 |
| | | cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9 |
| References | | |

Wed, 18 Sep 2024 08:45:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| CPEs | cpe:/a:redhat:build_keycloak:22 | cpe:/a:redhat:build_keycloak: |

MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2025-09-16T00:08:32.364Z

Reserved: 2024-04-22T13:59:47.506Z

Link: CVE-2024-4029

Vulnrichment

Updated: 2024-08-01T20:26:57.279Z

NVD

Status: Awaiting Analysis

Published: 2024-05-02T15:15:07.227

Modified: 2024-11-21T09:42:03.370

Link: CVE-2024-4029

Redhat

Severity: Low

Public Date: 2024-05-02T00:00:00Z

Links: CVE-2024-4029 - Bugzilla

OpenCVE Enrichment

No data.