Lucene search

[email protected]CVE-2013-4452

HistoryDec 24, 2013 - 7:55 p.m.

CVE-2013-4452

2013-12-2419:55:07

CWE-264

[email protected]

web.nvd.nist.gov

red hat

jboss

operations network

cve-2013-4452

vulnerability

sensitive information

authentication credentials

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Red Hat JBoss Operations Network 3.1.2 uses world-readable permissions for the (1) server and (2) agent configuration files, which allows local users to obtain authentication credentials and other unspecified sensitive information by reading these files.

Affected configurations

NVD

Node

redhatjboss_operations_networkMatch3.1.2

CPENameOperatorVersion
redhat:jboss_operations_networkredhat jboss operations networkeq3.1.2

CPE	Name	Operator	Version
redhat:jboss_operations_network	redhat jboss operations network	eq	3.1.2

References

rhn.redhat.com/errata/RHSA-2013-1762.html

secunia.com/advisories/55852

www.securityfocus.com/bid/63916

www.securitytracker.com/id/1029390

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2013-4452

nvd1 prion1 cvelist1