Metrics
Affected Vendors & Products
Solution
No solution given by the vendor.
Workaround
The effectiveness of an attack will also be dependent on the complexity of the usernames and passwords defined for the target installation.
Sat, 31 May 2025 19:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Wed, 05 Mar 2025 03:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
threat_severity
|
threat_severity
|
Tue, 04 Mar 2025 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 04 Mar 2025 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI. | |
Title | Org.wildfly.core:wildfly-elytron-integration: wildfly elytron brute force attack via cli | |
First Time appeared |
Redhat
Redhat build Keycloak Redhat integration Redhat jboss Data Grid Redhat jboss Enterprise Application Platform Redhat jboss Enterprise Bpms Platform Redhat jboss Fuse Redhat jbosseapxp Redhat red Hat Single Sign On |
|
Weaknesses | CWE-307 | |
CPEs | cpe:/a:redhat:build_keycloak: cpe:/a:redhat:integration:1 cpe:/a:redhat:jboss_data_grid:7 cpe:/a:redhat:jboss_data_grid:8 cpe:/a:redhat:jboss_enterprise_application_platform:7 cpe:/a:redhat:jboss_enterprise_application_platform:8 cpe:/a:redhat:jboss_enterprise_bpms_platform:7 cpe:/a:redhat:jboss_fuse:7 cpe:/a:redhat:jbosseapxp cpe:/a:redhat:red_hat_single_sign_on:7 |
|
Vendors & Products |
Redhat
Redhat build Keycloak Redhat integration Redhat jboss Data Grid Redhat jboss Enterprise Application Platform Redhat jboss Enterprise Bpms Platform Redhat jboss Fuse Redhat jbosseapxp Redhat red Hat Single Sign On |
|
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2025-09-25T17:09:48.985Z
Reserved: 2025-01-14T15:23:42.646Z
Link: CVE-2025-23368

Updated: 2025-03-04T15:57:26.577Z

Status : Awaiting Analysis
Published: 2025-03-04T16:15:39.270
Modified: 2025-05-31T19:15:20.510
Link: CVE-2025-23368


No data.