Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-8115

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2014-8115
Last Modified 23 Mar 2015 12:53:32
Published 20 Feb 2015 11:59:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2014-8115

Summary

The default authorization constrains in KIE Workbench 6.0.x allows remote authenticated users to read or write to arbitrary files, bypass intended access restrictions, and possibly have other unspecified impact via unknown vectors.

Vulnerable Systems

Application

  • Redhat Jboss Kie Workbench 6.0.0

  • Redhat Jboss Kie Workbench 6.0.1

  • Redhat Kie Workbench 6.0.0

  • Redhat Kie Workbench 6.0.1


References

CONFIRM - https://github.com/droolsjbpm/kie-wb-distributions/commit/90eed433d3

REDHAT - RHSA-2015:0235

REDHAT - RHSA-2015:0234


Last Updated: 27 May 2016 11:08:09