Advisories for Maven/Org.wildfly/Wildfly-Server package

A flaw was found in the Wildfly Server Role Based Access Control (RBAC) provider. When authorization to control management operations is secured using the Role Based Access Control provider, a user without the required privileges can suspend or resume the server. A user with a Monitor or Auditor role is supposed to have only read access permissions and should not be able to suspend the server. The vulnerability is caused …

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-qr6x-62gq-4ccp. This link is maintained to preserve external references. Original Description A flaw was found in the Wildfly Server Role Based Access Control (RBAC) provider. When authorization to control management operations is secured using the Role Based Access Control provider, a user without the required privileges can suspend or resume the server. A user with a Monitor …