- Description
- A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the Enterprise JavaBeans (EJB) remote invocation mechanism. This vulnerability stems from untrusted data deserialization handled by JBoss Marshalling. This flaw allows an attacker to send a specially crafted serialized object, leading to remote code execution without requiring authentication.
- Source
- secalert@redhat.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Primary
- Base score
- 6.2
- Impact score
- 5.5
- Exploitability score
- 0.7
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H
- Severity
- MEDIUM
- secalert@redhat.com
- CWE-502
- Hype score
- Not currently trending
๐จ CVE-2025-2251 ๐ MEDIUM (6.2) ๐ข Red Hat - Red Hat JBoss Enterprise Application Platform 7 ๐๏ธ None ๐ https://t.co/doUDg5ynUO ๐ https://t.co/RAOi3Mow8G #CyberCron #VulnAlert #InfoSec https://t.co/pTLxosfFuf
@cybercronai
8 Apr 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-2251 A security flaw exists in WildFly and JBoss Enterprise Application Platform (EAP) within the Enterprise JavaBeans (EJB) remote invocation mechanism. This vulnerability โฆ https://t.co/eL9YqDRYS8
@CVEnew
7 Apr 2025
337 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes