What is CVE-2020-1748?

CVE-2020-1748 is a high-severity vulnerability in Redhat Decision_manager. CVSS score: 7.5/10. Published 2020-09-16.

How severe is CVE-2020-1748?

High severity. CVSS v3 base score is 7.5 out of 10.

Vulnerability in Redhat Decision_manager

CVE-2020-1748

A flaw was found in all supported versions before wildfly-elytron-1.6.8.Final-redhat-00001, where the WildFlySecurityManager checks were bypassed when using custom security managers, resulting in an improper authorization. This flaw leads…

EPSS: 0.014 (69.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.

Affected products

Redhat Decision_manager — versions 7.0
Redhat Process_automation — versions 7.0
Redhat Wildfly_elytron
N/a Wildfly — versions before wildfly-elytron-1.6.8.Final-redhat-00001

References

secalert@redhat.com (x_refsource_MISC, Issue Tracking, Vendor Advisory)
secalert@redhat.com (x_refsource_CONFIRM, Third Party Advisory)

Frequently asked questions

What is CVE-2020-1748?: CVE-2020-1748 is a high-severity vulnerability in Redhat Decision_manager. CVSS score: 7.5/10. Published 2020-09-16.
How severe is CVE-2020-1748?: High severity. CVSS v3 base score is 7.5 out of 10.