Wildfly Elytron CLI authentication vulnerable to brute force attacks
CVE-2025-23368
GHSA-qhp6-6p8p-2rqh
Summary
The WildFly Elytron integration does not limit failed login attempts, which makes it easier for an attacker to try many username/password combinations against the CLI. This can lead to unauthorized access to your system. To protect yourself, update to WildFly 39.0.1 or later, and consider monitoring your network traffic for suspicious activity such as repeated failed CLI logins.
What to do
- Update org.wildfly.core:wildfly-elytron-integration (wildfly) to version 32.0.0.Beta3.
- Update org.wildfly.core:wildfly-elytron-integration (wildfly) to version 31.0.3.Final.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| wildfly | org.wildfly.core:wildfly-elytron-integration | > 32.0.0.Beta1 , <= 32.0.0.Beta3 | 32.0.0.Beta3 |
| wildfly | org.wildfly.core:wildfly-elytron-integration | <= 31.0.3.Final | 31.0.3.Final |
| redhat | wildfly_core | <= 31.0.3 | – |
| redhat | data_grid | 8.0 | – |
| redhat | jboss_enterprise_application_platform | 7.0.0 | – |
| redhat | jboss_enterprise_application_platform | 8.0.0 | – |
Original title
Wildfly Elytron integration susceptible to brute force attacks via CLI
Original description
### Impact
A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI.
### Patches
The default behaviour has been changed in WildFly Core 31.0.3.Final and 32.0.0.Beta3; the first version is used by WildFly 39.0.1.Final and the second will be included in WildFly 40.
### Workarounds
No direct workaround.
Monitoring network traffic / blocking suspicious traffic may help.
### References
https://www.cve.org/CVERecord?id=CVE-2025-23368
https://issues.redhat.com/browse/WFCORE-7192
### Acknowledgements
We would like to thank Claudia Bartolini (TIM S.p.A), Marco Ventura (TIM S.p.A), and Massimiliano Brolli (TIM S.p.A) for reporting this issue.
NVD CVSS 3.1 score: 8.1
Vulnerability type
CWE-307 (Improper Restriction of Excessive Authentication Attempts)
- https://github.com/wildfly/wildfly-core/security/advisories/GHSA-qhp6-6p8p-2rqh
- https://nvd.nist.gov/vuln/detail/CVE-2025-23368
- https://github.com/wildfly/wildfly-core/pull/6634
- https://github.com/wildfly/wildfly-core/pull/6635
- https://github.com/wildfly/wildfly-core/commit/11e873031c522a0b36afb59880ce4dd59...
- https://github.com/wildfly/wildfly-core/commit/a6f9d7534aa44de741337756f8377ad3a...
- https://github.com/advisories/GHSA-qhp6-6p8p-2rqh
- https://access.redhat.com/security/cve/CVE-2025-23368 (Vendor Advisory)
- https://bugzilla.redhat.com/show_bug.cgi?id=2337621 (Vendor Advisory)
- https://www.gruppotim.it/it/footer/red-team.html (Exploit, Third Party Advisory)
Published: 13 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026