PT-2018-5048 · Red Hat · Jboss As

Bharti Kundal

Publicado

2018-05-22

Atualizado

2019-10-09

CVE-2016-8656

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Jboss jbossas versions prior to 5.2.0-23 Jboss jbossas versions prior to 6.4.13 Jboss jbossas versions prior to 7.0.5

Description The issue is related to unsafe file handling in the jboss init script, which could result in local privilege escalation.

Recommendations For versions prior to 5.2.0-23, update to version 5.2.0-23 or later. For versions prior to 6.4.13, update to version 6.4.13 or later. For versions prior to 7.0.5, update to version 7.0.5 or later.

Correção

LPE

Improper Access Control

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-284CWE-264

Identificadores relacionados

CVE-2016-8656

RHSA-2017:0244

RHSA-2017:0245

RHSA-2017:0246

RHSA-2017:0250

RHSA-2017:0831

RHSA-2017:0832

RHSA-2017:0834

RHSA-2017:3454

RHSA-2017:3455

RHSA-2017:3458

RHSA-2018:1609

Produtos afetados

Jboss As

PT-2018-5048 · Red Hat · Jboss As

CVE-2016-8656

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 15