CVE-2020-1719
CVE-2020-1719 is a medium-severity vulnerability in Redhat Wildfly with a CVSS 3.x base score of 5.4. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-270.
Key facts
- Severity: Medium (CVSS 3.x base score 5.4)
- CVSS v2: 5.5
- EPSS exploit prediction: 1% (43rd percentile)
- Actively exploited: Not listed in CISA KEV
- Weakness: CWE-270
- Affected product: Redhat Wildfly
- Published:
- Last modified:
Description
A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity. Versions before wildfly 20.0.0.Final are affected.
Frequently asked questions
- What is CVE-2020-1719?
- A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity. Versions before wildfly 20.0.0.Final are affected.
- How severe is CVE-2020-1719?
- CVE-2020-1719 has a CVSS 3.x base score of 5.4, rated medium severity. It is exploitable over network with low attack complexity, requires low privileges and no user interaction. Impact on confidentiality is low, integrity low, and availability none.
- Is CVE-2020-1719 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 1% (43rd percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2020-1719?
- CVE-2020-1719 affects Redhat Wildfly. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2020-1719?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2020-1719 published?
- CVE-2020-1719 was published on 2021-06-07 and last updated on 2026-06-17.
References
Affected products (1)
- cpe:2.3:a:redhat:wildfly:*:*:*:*:*:*:*:*
More vulnerabilities in Redhat Wildfly
- CVE-2018-10683 — Critical (CVSS 9.8): An issue was discovered in WildFly 10.1.2.Final. In the case of a default installation without a security realm…
- CVE-2019-14887 — Critical (CVSS 9.1): A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly…
- CVE-2019-3894 — High (CVSS 8.8): It was discovered that the ElytronManagedThread in Wildfly's Elytron subsystem in versions from 11 to 16 stores a…
- CVE-2022-1278 — High (CVSS 7.5): A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace…
- CVE-2020-10718 — High (CVSS 7.5): A flaw was found in Wildfly before wildfly-embedded-13.0.0.Final, where the embedded managed process API has an exposed…
- CVE-2020-10740 — Medium (CVSS 6.6): A vulnerability was found in Wildfly in versions before 20.0.0.Final, where a remote deserialization attack is possible…
All CVEs affecting Redhat Wildfly →
Other CWE-270 vulnerabilities
- CVE-2023-37912 — Critical (CVSS 9.9): XWiki Rendering is a generic Rendering system that converts textual input in a given syntax into another syntax. Prior…
- CVE-2023-25754 — Critical (CVSS 9.8): Privilege Context Switching Error vulnerability in Apache Software Foundation Apache Airflow.This issue affects Apache…
- CVE-2024-11263 — Critical (CVSS 9.3): When the Global Pointer (GP) relative addressing is enabled (CONFIG_RISCV_GP=y), the gp reg points at 0x800 bytes past…
- CVE-2024-36513 — High (CVSS 8.2): A privilege context switching error vulnerability [CWE-270] in FortiClient Windows version 7.2.4 and below, version…
- CVE-2017-2663 — High (CVSS 8.2): It was found that subscription-manager's DBus interface before 1.19.4 let unprivileged user access the…
- CVE-2025-9408 — High (CVSS 8.1): System call entry on Cortex M (and possibly R and A, but I think not) has a race which allows very practical privilege…