PT-2015-3595 · Red Hat · Jboss Brms+1

Publicado

2015-02-20

Atualizado

2015-03-28

CVE-2014-0005

CVSS v2.0

3.6

Baixa

Vetor

AV:L/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions Red Hat JBoss Enterprise Application Platform (JBEAP) version 6.2.2 JBoss BRMS versions prior to 6.0.3 roll up patch 2

Description The issue allows remote authenticated users to read and modify the application server configuration and state by deploying a crafted application.

Recommendations For Red Hat JBoss Enterprise Application Platform (JBEAP) version 6.2.2, update to a version that includes the necessary security patches. For JBoss BRMS versions prior to 6.0.3 roll up patch 2, apply roll up patch 2 or later to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

CVE-2014-0005

RHSA-2014:0343

RHSA-2014:0344

Produtos afetados

Jboss Brms

Red Hat Jboss Enterprise Application Platform

PT-2015-3595 · Red Hat · Jboss Brms+1

CVE-2014-0005

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8