CVE-2020-1732

A flaw was found in Soteria before 1.0.1, in a way that multiple requests occurring concurrently causing security identity corruption across concurrent threads when using EE Security with WildFly Elytron which can lead to the possibility of being handled using the identity from another request.
Configurations

Configuration 1 (hide)

cpe:2.3:a:redhat:soteria:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform_continuous_delivery:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_application_runtimes:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-05-04 17:15

Updated : 2024-02-28 17:47


NVD link : CVE-2020-1732

Mitre link : CVE-2020-1732

CVE.ORG link : CVE-2020-1732


JSON object : View

Products Affected

redhat

  • jboss_enterprise_application_platform
  • jboss_enterprise_application_platform_continuous_delivery
  • soteria
  • openshift_application_runtimes
CWE
CWE-20

Improper Input Validation

CWE-284

Improper Access Control