Loading
A flaw was found in Wildfly Elytron in versions prior to 1.10.14.Final, prior to 1.15.5.Final and prior to 1.16.1.Final where ScramServer may be susceptible to Timing Attack if enabled. The highest threat of this vulnerability is confidentiality.
Use CWE-203, Redhat vendor hub and Wildfly Elytron product page to widen CVE-2021-3642 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2020-10714, CVE-2020-1748 and CVE-2022-3143 for nearby disclosures in the same product family.