What is CVE-2021-3644?

CVE-2021-3644 is a low-severity vulnerability in Redhat Descision_manager, classified under Information Disclosure. CVSS score: 3.3/10. Published 2022-08-26.

How severe is CVE-2021-3644?

Low severity. CVSS v3 base score is 3.3 out of 10.

Information disclosure in Redhat Descision_manager

CVE-2021-3644

A flaw was found in wildfly-core in all versions. If a vault expression is in the form of a single attribute that contains multiple expressions, a user who was granted access to the management interface can potentially access a vault expre…

Vulnerability class: Information Disclosure

EPSS: 0.007 (49.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 3.3 (Low). Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N.

Affected products

Redhat Descision_manager — versions 7.0
Redhat Wildfly — versions 16.0.0, 17.0.0
N/a Wildfly-core — versions Fixed in 16.0.1.Final, 17.0.0.Final and later.

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

secalert@redhat.com (x_refsource_MISC, Issue Tracking, Vendor Advisory)
secalert@redhat.com (x_refsource_MISC, Vendor Advisory)
secalert@redhat.com (Patch, x_refsource_MISC, Vendor Advisory)
secalert@redhat.com (Patch, Third Party Advisory, x_refsource_MISC)
secalert@redhat.com (Patch, Third Party Advisory, x_refsource_MISC)
secalert@redhat.com (Patch, Third Party Advisory, x_refsource_MISC)

Frequently asked questions

What is CVE-2021-3644?: CVE-2021-3644 is a low-severity vulnerability in Redhat Descision_manager, classified under Information Disclosure. CVSS score: 3.3/10. Published 2022-08-26.
How severe is CVE-2021-3644?: Low severity. CVSS v3 base score is 3.3 out of 10.