PT-2018-5048 · Red Hat · Jboss As

Bharti Kundal

Published

2018-05-22

Updated

2019-10-09

CVE-2016-8656

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Jboss jbossas versions prior to 5.2.0-23 Jboss jbossas versions prior to 6.4.13 Jboss jbossas versions prior to 7.0.5

Description The issue is related to unsafe file handling in the jboss init script, which could result in local privilege escalation.

Recommendations For versions prior to 5.2.0-23, update to version 5.2.0-23 or later. For versions prior to 6.4.13, update to version 6.4.13 or later. For versions prior to 7.0.5, update to version 7.0.5 or later.

Fix

LPE

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284CWE-264

Related Identifiers

CVE-2016-8656

RHSA-2017:0244

RHSA-2017:0245

RHSA-2017:0246

RHSA-2017:0250

RHSA-2017:0831

RHSA-2017:0832

RHSA-2017:0834

RHSA-2017:3454

RHSA-2017:3455

RHSA-2017:3458

RHSA-2018:1609

Affected Products

Jboss As

PT-2018-5048 · Red Hat · Jboss As

CVE-2016-8656

Weakness Enumeration

Related Identifiers

Affected Products

References · 15