WildFly Log Trace Data Disclosure: Leakage of Deployment Names
CVE-2022-1278 Published on September 13, 2022

A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain.

NVD

Weakness Type

Insecure Default Initialization of Resource

The software initializes or sets a resource with a default that is intended to be changed by the administrator, but the default is not secure.

Products Associated with CVE-2022-1278

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2022-1278 are published in these products:

Red Hat Wildfly

Red Hat Single Sign On

Red Hat Amq

Red Hat Integration Service Registry

Red Hat Integration Camel K

Red Hat Jboss A Mq

Red Hat Jboss Enterprise Application Platform Expansion Pack

Red Hat Amq Online

Exploit Probability

EPSS

0.88%

Percentile

75.06%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

WildFly Log Trace Data Disclosure: Leakage of Deployment NamesCVE-2022-1278 Published on September 13, 2022

Weakness Type

Insecure Default Initialization of Resource

Products Associated with CVE-2022-1278

Exploit Probability

WildFly Log Trace Data Disclosure: Leakage of Deployment Names
CVE-2022-1278 Published on September 13, 2022