WildFly Elytron Brute Force Attack Vulnerability via CLI

Vulnerability

A vulnerability exists in the WildFly Elytron integration, where the component fails to adequately limit repeated authentication failures within a short period. This shortcoming increases the risk of brute force attacks through the Command Line Interface (CLI). The vulnerability can be exploited over the network on any WildFly or JBoss EAP ports that require HTTP or SASL authentication.

Impact

Exploitation of this vulnerability could lead to successful brute force attacks, allowing attackers to gain unauthorized access by guessing credentials.

Reproduction

The vulnerability can be reproduced by attempting to authenticate repeatedly within a short time frame over a network connection to a WildFly or JBoss EAP port that requires HTTP or SASL authentication. This can be automated with a script or tool that sends multiple authentication requests in quick succession, taking advantage of the lack of proper rate limiting.
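The control the advisory says is missing is a cap on repeated authentication failures within a short time window. As an added illustration (not code from WildFly or Elytron), the following Python sketch shows that control as a sliding-window failure tracker, replayed over a constructed set of authentication events; the event shape (timestamp, principal, success flag), the window and the threshold are all assumptions, not Elytron's audit format or defaults.

```python
from collections import deque

# Constructed example: a per-principal cap on authentication failures within
# a sliding window, i.e. the limiting the advisory says Elytron lacks.
# Window length and threshold are illustrative assumptions.
WINDOW_SECONDS = 60
MAX_FAILURES = 5

class FailureTracker:
    def __init__(self, window=WINDOW_SECONDS, max_failures=MAX_FAILURES):
        self.window = window
        self.max_failures = max_failures
        self._failures = {}  # principal -> deque of recent failure timestamps

    def record(self, ts, principal, success):
        """Record one attempt; return True if the principal has hit the cap."""
        q = self._failures.setdefault(principal, deque())
        # Expire failures that fall outside the sliding window.
        while q and ts - q[0] > self.window:
            q.popleft()
        if success:
            q.clear()  # a successful login resets the counter
            return False
        q.append(ts)
        return len(q) >= self.max_failures

def find_bursts(events, window=WINDOW_SECONDS, max_failures=MAX_FAILURES):
    """Replay (ts, principal, success) events in time order and return
    the set of principals whose failure rate exceeded the cap."""
    tracker = FailureTracker(window, max_failures)
    flagged = set()
    for ts, principal, ok in sorted(events):
        if tracker.record(ts, principal, ok):
            flagged.add(principal)
    return flagged

# Constructed sample events: 'admin' fails six times in ten seconds,
# 'deploy' fails twice an hour apart, 'ops' fails four times then succeeds.
SAMPLE_EVENTS = [
    (1000.0, "admin", False), (1001.0, "admin", False), (1002.0, "admin", False),
    (1003.0, "admin", False), (1004.0, "admin", False), (1010.0, "admin", False),
    (1000.0, "deploy", False), (4600.0, "deploy", False),
    (1000.0, "ops", False), (1001.0, "ops", False), (1002.0, "ops", False),
    (1003.0, "ops", False), (1004.0, "ops", True),
]

if __name__ == "__main__":
    print(find_bursts(SAMPLE_EVENTS))  # {'admin'}
```

The same tracker can sit in front of a login handler to refuse further attempts once the cap is reached, or run over exported audit events to alert on bursts that the server itself did not throttle.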

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

Category        Score
spread          6.2
impact          0.6
exploitability  6.6
remediation     0.0
relevance       0.0
threat          6.4
urgency         2.9
incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.