Lucene search
RedhatCVE-2012-3427HistoryFeb 02, 2014 - 8:55 p.m.
CVE-2012-3427
2014-02-0220:55:04
CWE-264
redhat
web.nvd.nist.gov
26
ec2
ami
jboss eap
aws
security vulnerability
nvd
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
6
Confidence
Low
EPSS
0
Percentile
5.1%
EC2 Amazon Machine Image (AMI) in JBoss Enterprise Application Platform (EAP) 5.1.2 uses 755 permissions for /var/cache/jboss-ec2-eap/, which allows local users to read sensitive information such as Amazon Web Services (AWS) credentials by reading files in the directory.
Affected configurations
Node
redhatjboss_enterprise_application_platformMatch5.1.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | jboss_enterprise_application_platform | 5.1.2 | cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.1.2:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2012-3427
2014-02-02 20:00:00
redhat
redhat
(RHSA-2012:1376) Low: jboss-ec2-eap security update
2012-10-16 00:00:00
nessus
nessus
RHEL 6 : jboss-ec2-eap (RHSA-2012:1376)
2013-01-24 00:00:00
prion
prion
Input validation
2014-02-02 20:55:00
nvd
nvd
CVE-2012-3427
2014-02-02 20:55:04
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
6
Confidence
Low
EPSS
0
Percentile
5.1%
Related for CVE-2012-3427