Lucene search

K

RedhatCVELIST:CVE-2019-14838

HistoryOct 14, 2019 - 2:32 p.m.

CVE-2019-14838

2019-10-1414:32:53

CWE-284

redhat

www.cve.org

1

5.2 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:H

6.4 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.2%

A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server

CNA Affected

[
  {
    "product": "wildfly-core",
    "vendor": "Red Hat",
    "versions": [
      {
        "status": "affected",
        "version": "before 7.2.5.GA"
      }
    ]
  }
]

References

access.redhat.com/errata/RHSA-2019:3082

access.redhat.com/errata/RHSA-2019:3083

access.redhat.com/errata/RHSA-2019:4018

access.redhat.com/errata/RHSA-2019:4019

access.redhat.com/errata/RHSA-2019:4020

access.redhat.com/errata/RHSA-2019:4021

access.redhat.com/errata/RHSA-2019:4040

access.redhat.com/errata/RHSA-2019:4041

access.redhat.com/errata/RHSA-2019:4042

access.redhat.com/errata/RHSA-2019:4045

access.redhat.com/errata/RHSA-2020:0728

bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14838

5.2 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:H

6.4 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.2%

Related for CVELIST:CVE-2019-14838

redhatcve2 nessus9 redhat13 cve1 osv2 veracode1 prion1 nvd1 github1 symantec1