Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-0018

Overview

Vulnerability Score 1.9 1.9
CVE Id CVE-2014-0018
Last Modified 18 Feb 2014 10:54:09
Published 14 Feb 2014 10:55:05
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2014-0018

Summary

Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.0 and JBoss WildFly Application Server, when run under a security manager, do not properly restrict access to the Modular Service Container (MSC) service registry, which allows local users to modify the server via a crafted deployment.

Vulnerable Systems

Application

  • Redhat Jboss Enterprise Application Platform 6.2.0

  • Redhat Jboss Wildfly Application Server -


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=1052783

REDHAT - RHSA-2014:0172

REDHAT - RHSA-2014:0171

REDHAT - RHSA-2014:0170


Last Updated: 27 May 2016 11:04:28