CVE-2025-23368
Published: 04 March 2025
Summary
CVE-2025-23368 is a high-severity Improper Restriction of Excessive Authentication Attempts (CWE-307) vulnerability in Red Hat JBoss Enterprise Application Platform. Its CVSS base score is 8.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Brute Force (T1110). It is ranked at the 40.2nd percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-7 (Unsuccessful Logon Attempts) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
AC-7 directly enforces limits on consecutive unsuccessful logon attempts and account lockouts, comprehensively mitigating the brute force vulnerability in WildFly Elytron CLI authentication.
SI-2 requires timely identification, reporting, and correction of flaws like the insufficient brute-force protections in the WildFly Elytron integration.
AU-12 ensures audit records are generated for failed authentication events, enabling detection of brute force patterns targeting the vulnerable CLI mechanism.
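As an added example (not part of this CVE record and not WildFly or Elytron code), the control the vulnerable CLI mechanism lacks: a sliding-window counter of failed logons per principal that triggers a lockout once the limit is reached (AC-7), emitting an audit record for every outcome (AU-12). The thresholds, principal names and source addresses are constructed for the scenario.

```python
from collections import defaultdict, deque


class AuthAttemptLimiter:
    """Counts failed logons per principal inside a sliding time window and
    locks the principal out once the limit is hit. Hypothetical helper
    written for this page; it is not the project's own implementation."""

    def __init__(self, max_failures=5, window_s=60.0, lockout_s=300.0):
        self.max_failures = max_failures        # failures tolerated per window
        self.window_s = window_s                # seconds the failures are counted over
        self.lockout_s = lockout_s              # how long a lockout lasts
        self._failures = defaultdict(deque)     # principal -> failure timestamps
        self._locked_until = {}                 # principal -> unlock time
        self.audit = []                         # AU-12 style audit trail

    def locked(self, principal, now):
        return self._locked_until.get(principal, 0.0) > now

    def attempt(self, principal, source, credential_ok, now):
        """Returns 'locked_out', 'failure' or 'success' and logs an audit record.
        The lockout check runs before the credential is evaluated at all."""
        if self.locked(principal, now):
            self.audit.append(f"t={now:.0f} LOCKED_OUT user={principal} src={source}")
            return "locked_out"
        if credential_ok:
            self._failures.pop(principal, None)          # a good logon resets the window
            self.audit.append(f"t={now:.0f} SUCCESS user={principal} src={source}")
            return "success"
        window = self._failures[principal]
        window.append(now)
        while now - window[0] > self.window_s:           # drop failures outside the window
            window.popleft()
        self.audit.append(f"t={now:.0f} FAILURE user={principal} src={source} recent={len(window)}")
        if len(window) >= self.max_failures:
            self._locked_until[principal] = now + self.lockout_s
            window.clear()
            self.audit.append(f"t={now:.0f} LOCKOUT user={principal} until={now + self.lockout_s:.0f}")
        return "failure"


def run_scenario():
    """Constructed sample: one source guesses 'admin' six times in six seconds,
    then presents the right credential while locked; 'alice' mistypes once."""
    limiter = AuthAttemptLimiter(max_failures=5, window_s=60, lockout_s=300)
    events = [("admin", "198.51.100.7", False, t) for t in range(0, 6)]
    events.append(("admin", "198.51.100.7", True, 10))   # correct, but rejected by lockout
    events += [("alice", "192.0.2.10", False, 20), ("alice", "192.0.2.10", True, 25)]
    results = [limiter.attempt(*e) for e in events]
    lockouts = sum(1 for rec in limiter.audit if " LOCKOUT " in rec)
    return results, lockouts
```

The fifth failure at t=4 triggers the lockout, so the sixth guess and the later correct credential are both rejected without touching the credential store, while the single mistake by a legitimate user leaves that account usable.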
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability is a lack of rate limiting on authentication attempts in the WildFly Elytron CLI mechanism, which directly enables brute force attacks (T1110) aimed at obtaining unauthorized access.
NVD Description
A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI.
Deeper analysis
CVE-2025-23368, published on 2025-03-04, is a vulnerability in the WildFly Elytron integration. The affected component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, rendering it more susceptible to brute force attacks via the CLI. It carries a CVSS v3.1 base score of 8.1 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H) and maps to CWE-307: Improper Restriction of Excessive Authentication Attempts.
Remote network attackers can exploit this flaw without requiring privileges or user interaction, although it demands high attack complexity. By conducting brute force attacks against the CLI authentication mechanism, attackers can potentially gain unauthorized access, resulting in high impacts to confidentiality, integrity, and availability.
Mitigation details are available in the Red Hat security advisory at https://access.redhat.com/security/cve/CVE-2025-23368 and the associated Bugzilla entry at https://bugzilla.redhat.com/show_bug.cgi?id=2337621.
Details
- CWE(s)