CVE-2025-12543 Undertow HTTP server vulnerability in AdminUI

search cancel

CVE-2025-12543 Undertow HTTP server vulnerability in AdminUI

book

Article ID: 435257

calendar_today

Updated On:

Products

SITEMINDER CA Single Sign-On

Issue/Introduction

Running AdminUI, the internal scan tool discovered the vulnerability CVE-2025-12543 that is Undertow HTTP server core, located in these AdminUI repositories (1):

/{home_adminui}/adminui/modules/system/layers/base/org/wildfly/mod_cluster
/{home_adminui}/adminui/modules/system/layers/base/org/wildfly/extension
/{home_adminui}/adminui/modules/system/layers/base/org/wildfly/clustering/web
/{home_adminui}/adminui/modules/system/layers/base/io

Environment

AdminUI 12.8SP8CR01 on RedHat 7;

Resolution

To fix this vulnerability, upgrade the AdminUI to the version 12.9SP1 to benefit from fix DE661157.

Remember that the Policy Server and the Policy Store data definition should also be upgraded to 12.9SP1 (2).

Additional Information

CVE-2025-12543 Detail
Upgrading

Feedback

thumb_up Yes

thumb_down No