Lucene search
RedhatCVE-2014-8175HistoryJul 08, 2015 - 3:59 p.m.
CVE-2014-8175
2015-07-0815:59:00
CWE-264
redhat
web.nvd.nist.gov
31
red hat
jboss fuse
vulnerability
bypass
restrictions
access
hawtio console
nvd
cve-2014-8175
CVSS2
6
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
AI Score
7.3
Confidence
High
EPSS
0.002
Percentile
60.9%
Red Hat JBoss Fuse before 6.2.0 allows remote authenticated users to bypass intended restrictions and access the HawtIO console by leveraging an account defined in the users.properties file.
Affected configurations
Node
redhatjboss_fuseRange≤6.1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | jboss_fuse | * | cpe:2.3:a:redhat:jboss_fuse:*:*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2015-07-08 15:59:00
nvd
nvd
CVE-2014-8175
2015-07-08 15:59:00
cvelist
cvelist
CVE-2014-8175
2015-07-08 15:00:00
redhat
redhat
(RHSA-2015:1177) Important: Red Hat JBoss A-MQ 6.2.0 update
2015-06-23 16:46:14
(RHSA-2015:1176) Important: Red Hat JBoss Fuse 6.2.0 update
2015-06-23 16:46:09
symantec
symantec
SA98 : OpenSSL Security Advisory 11-June-2015
2015-06-17 08:00:00
CVSS2
6
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
AI Score
7.3
Confidence
High
EPSS
0.002
Percentile
60.9%
Related for CVE-2014-8175