Loading...

XML

Word

Printable

Type: Feature Request
Resolution: Unresolved
Priority: Critical
Fix Version/s: None
Affects Version/s: None
Component/s: Security
Labels:
None

This is recorded as a Feature Request as the solution for this vulnerability is to add an entire new layer of functionality to the application server that did not previously exist.

blocks

WFCORE-7193 [Community] Add configuration to tune the brute force authentication counter measures

Open

depends on

ELY-2891 Add Utility that can wrap SecurityRealm to provide brute force back off protection for username / password auth

Coding In Progress

is cloned by

WFLY-20765 CVE-2025-23368 WildFly Elytron Brute Force Authentication Attack

Pull Request Sent

is related to

WFWIP-687 [WFCORE-7192] Brute Force Authentication Attack: SASL/HTTP inconsistency when attempting valid disabled authentication

Open

Assignee:: Darran Lofthouse

Reporter:: Darran Lofthouse

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2025/03/21 9:48 AM

Updated:: 2025/07/03 12:29 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates

Hide