Unsecured Server Provisioning Vulnerability in Galleon
CVE-2023-4503
6.8MEDIUM
Key Information:
What is CVE-2023-4503?
An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server.
Affected Version(s)
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8 0:2.2.28-1.SP1_redhat_00001.1.el8eap
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8 0:7.4.14-5.GA_redhat_00002.1.el8eap
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9 0:2.2.28-1.SP1_redhat_00001.1.el9eap