CVE-2025-23368 (GCVE-0-2025-23368)
Vulnerability from cvelistv5 – Published: 2025-03-04 15:14 – Updated: 2025-11-20 07:37
VLAI?
Summary
A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI.
Severity ?
8.1 (High)
CWE
- CWE-307 - Improper Restriction of Excessive Authentication Attempts
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Affected:
0 , ≤ 27.0.0.Final
(semver)
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Red Hat would like to thank Claudia Bartolini (TIM S.p.A), Marco Ventura (TIM S.p.A), and Massimiliano Brolli (TIM S.p.A) for reporting this issue.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-23368",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-04T15:57:14.702481Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-04T15:57:33.318Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/wildfly/wildfly-core",
"defaultStatus": "unknown",
"packageName": "wildfly-core",
"versions": [
{
"lessThanOrEqual": "27.0.0.Final",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:build_keycloak:"
],
"defaultStatus": "unaffected",
"packageName": "org.wildfly.security/wildfly-elytron",
"product": "Red Hat Build of Keycloak",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_data_grid:8"
],
"defaultStatus": "affected",
"packageName": "org.wildfly.security/wildfly-elytron",
"product": "Red Hat Data Grid 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_fuse:7"
],
"defaultStatus": "unknown",
"packageName": "org.wildfly.security/wildfly-elytron",
"product": "Red Hat Fuse 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:integration:1"
],
"defaultStatus": "affected",
"packageName": "org.wildfly.security/wildfly-elytron",
"product": "Red Hat Integration Camel K 1",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
"cpes": [
"cpe:/a:redhat:jboss_data_grid:7"
],
"defaultStatus": "unknown",
"packageName": "org.wildfly.security/wildfly-elytron",
"product": "Red Hat JBoss Data Grid 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7"
],
"defaultStatus": "affected",
"packageName": "wildfly-elytron",
"product": "Red Hat JBoss Enterprise Application Platform 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8"
],
"defaultStatus": "affected",
"packageName": "wildfly-elytron",
"product": "Red Hat JBoss Enterprise Application Platform 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
"cpes": [
"cpe:/a:redhat:jbosseapxp"
],
"defaultStatus": "unaffected",
"packageName": "wildfly-elytron",
"product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
],
"defaultStatus": "unknown",
"packageName": "org.wildfly.security/wildfly-elytron",
"product": "Red Hat Process Automation 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:red_hat_single_sign_on:7"
],
"defaultStatus": "unknown",
"packageName": "org.wildfly.security/wildfly-elytron",
"product": "Red Hat Single Sign-On 7",
"vendor": "Red Hat"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Claudia Bartolini (TIM S.p.A), Marco Ventura (TIM S.p.A), and Massimiliano Brolli (TIM S.p.A) for reporting this issue."
}
],
"datePublic": "2025-03-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "Improper Restriction of Excessive Authentication Attempts",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T07:37:10.258Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-23368"
},
{
"name": "RHBZ#2337621",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2337621"
},
{
"url": "https://www.gruppotim.it/it/footer/red-team.html"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-01-14T14:56:46.792000+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2025-03-03T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Org.wildfly.core:wildfly-elytron-integration: wildfly elytron brute force attack via cli",
"workarounds": [
{
"lang": "en",
"value": "The effectiveness of an attack will also be dependent on the complexity of the usernames and passwords defined for the target installation."
}
],
"x_redhatCweChain": "CWE-307: Improper Restriction of Excessive Authentication Attempts"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2025-23368",
"datePublished": "2025-03-04T15:14:47.806Z",
"dateReserved": "2025-01-14T15:23:42.646Z",
"dateUpdated": "2025-11-20T07:37:10.258Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-23368\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2025-03-04T16:15:39.270\",\"lastModified\":\"2025-10-14T16:56:41.847\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 una falla en la integraci\u00f3n de Wildfly Elytron. El componente no implementa medidas suficientes para evitar m\u00faltiples intentos fallidos de autenticaci\u00f3n en un corto per\u00edodo de tiempo, lo que lo hace m\u00e1s susceptible a ataques de fuerza bruta a trav\u00e9s de la interfaz de l\u00ednea de comandos.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-307\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:data_grid:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7095200A-4DAC-4433-99E8-86CA88E1E4D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72A54BDA-311C-413B-8E4D-388AD65A170A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:8.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D8BC03A-4198-4488-946B-3F6B43962942\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:wildfly_elytron:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFEA6A65-6254-48E3-8BB0-A4D7805C01AF\"}]}]}],\"references\":[{\"url\":\"https://access.redhat.com/security/cve/CVE-2025-23368\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2337621\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.gruppotim.it/it/footer/red-team.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-23368\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-03-04T15:57:14.702481Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-03-04T15:57:26.577Z\"}}], \"cna\": {\"title\": \"Org.wildfly.core:wildfly-elytron-integration: wildfly elytron brute force attack via cli\", \"credits\": [{\"lang\": \"en\", \"value\": \"Red Hat would like to thank Claudia Bartolini (TIM S.p.A), Marco Ventura (TIM S.p.A), and Massimiliano Brolli (TIM S.p.A) for reporting this issue.\"}], \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"27.0.0.Final\"}], \"packageName\": \"wildfly-core\", \"collectionURL\": \"https://github.com/wildfly/wildfly-core\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:build_keycloak:\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Build of Keycloak\", \"packageName\": \"org.wildfly.security/wildfly-elytron\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_data_grid:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Data Grid 8\", \"packageName\": \"org.wildfly.security/wildfly-elytron\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_fuse:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Fuse 7\", \"packageName\": \"org.wildfly.security/wildfly-elytron\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:integration:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Integration Camel K 1\", \"packageName\": \"org.wildfly.security/wildfly-elytron\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_data_grid:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Data Grid 7\", \"packageName\": \"org.wildfly.security/wildfly-elytron\", \"collectionURL\": \"https://access.redhat.com/jbossnetwork/restricted/listSoftware.html\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7\", \"packageName\": \"wildfly-elytron\", \"collectionURL\": \"https://access.redhat.com/jbossnetwork/restricted/listSoftware.html\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8\", \"packageName\": \"wildfly-elytron\", \"collectionURL\": \"https://access.redhat.com/jbossnetwork/restricted/listSoftware.html\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jbosseapxp\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform Expansion Pack\", \"packageName\": \"wildfly-elytron\", \"collectionURL\": \"https://access.redhat.com/jbossnetwork/restricted/listSoftware.html\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_bpms_platform:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Process Automation 7\", \"packageName\": \"org.wildfly.security/wildfly-elytron\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:red_hat_single_sign_on:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Single Sign-On 7\", \"packageName\": \"org.wildfly.security/wildfly-elytron\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unknown\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2025-01-14T14:56:46.792000+00:00\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2025-03-03T00:00:00+00:00\", \"value\": \"Made public.\"}], \"datePublic\": \"2025-03-03T00:00:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2025-23368\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2337621\", \"name\": \"RHBZ#2337621\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://www.gruppotim.it/it/footer/red-team.html\"}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"The effectiveness of an attack will also be dependent on the complexity of the usernames and passwords defined for the target installation.\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-307\", \"description\": \"Improper Restriction of Excessive Authentication Attempts\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2025-11-20T07:37:10.258Z\"}, \"x_redhatCweChain\": \"CWE-307: Improper Restriction of Excessive Authentication Attempts\"}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-23368\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-20T07:37:10.258Z\", \"dateReserved\": \"2025-01-14T15:23:42.646Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2025-03-04T15:14:47.806Z\", \"assignerShortName\": \"redhat\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…