Lucene search
RedhatCVE-2014-0005HistoryFeb 20, 2015 - 4:59 p.m.
CVE-2014-0005
2015-02-2016:59:00
CWE-264
redhat
web.nvd.nist.gov
31
cve-2014-0005
picketbox
jbosssx
red hat jboss eap
brms
remote users
authentication
application configuration
server state
CVSS2
3.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:P/A:N
AI Score
8.6
Confidence
High
EPSS
0.002
Percentile
65.0%
PicketBox and JBossSX, as used in Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.2 and JBoss BRMS before 6.0.3 roll up patch 2, allows remote authenticated users to read and modify the application sever configuration and state by deploying a crafted application.
Affected configurations
Node
redhatjboss_enterprise_application_platformMatch6.2.2
ORredhatjboss_enterprise_brms_platformRange≤6.0.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | jboss_enterprise_application_platform | 6.2.2 | cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.2.2:*:*:*:*:*:*:* |
| redhat | jboss_enterprise_brms_platform | * | cpe:2.3:a:redhat:jboss_enterprise_brms_platform:*:*:*:*:*:*:*:* |
Related
prion
prion
Input validation
2015-02-20 16:59:00
nvd
nvd
CVE-2014-0005
2015-02-20 16:59:00
cvelist
cvelist
CVE-2014-0005
2015-02-20 16:00:00
nessus
nessus
RHEL 5 : Red Hat JBoss Enterprise Application Platform 6.2.2 update (Moderate) (RHSA-2014:0343)
2014-04-01 00:00:00
RHEL 6 : JBoss EAP (RHSA-2014:0344)
2014-04-01 00:00:00
redhat
redhat
CVSS2
3.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:P/A:N
AI Score
8.6
Confidence
High
EPSS
0.002
Percentile
65.0%
Related for CVE-2014-0005