Lucene search

[email protected]NVD:CVE-2014-0005

HistoryFeb 20, 2015 - 4:59 p.m.

CVE-2014-0005

2015-02-2016:59:00

CWE-264

[email protected]

web.nvd.nist.gov

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

6 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

60.8%

JSON

PicketBox and JBossSX, as used in Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.2 and JBoss BRMS before 6.0.3 roll up patch 2, allows remote authenticated users to read and modify the application sever configuration and state by deploying a crafted application.

Affected configurations

NVD

Node

redhatjboss_enterprise_application_platformMatch6.2.2

redhatjboss_enterprise_brms_platformRange≤6.0.3

References

rhn.redhat.com/errata/RHSA-2014-0343.html

rhn.redhat.com/errata/RHSA-2014-0344.html

rhn.redhat.com/errata/RHSA-2014-0345.html

rhn.redhat.com/errata/RHSA-2015-0234.html

rhn.redhat.com/errata/RHSA-2015-0235.html

rhn.redhat.com/errata/RHSA-2015-0720.html

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

6 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

60.8%

JSON

Related for NVD:CVE-2014-0005

prion1 cve1 cvelist1 redhat6 nessus2