CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-14299 – picketbox: JBoss EAP reload to admin-only mode allows authentication bypass
https://notcve.org/view.php?id=CVE-2020-14299
13 Oct 2020 — A flaw was found in JBoss EAP, where the authentication configuration is set-up using a legacy SecurityRealm, to delegate to a legacy PicketBox SecurityDomain, and then reloaded to admin-only mode. This flaw allows an attacker to perform a complete authentication bypass by using an arbitrary user and password. The highest threat to vulnerability is to system availability. Se encontró un fallo en JBoss EAP, donde la configuración de autenticación se configura usando un SecurityRealm heredado, para delegarlo ... • https://bugzilla.redhat.com/show_bug.cgi?id=1848533 • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2019-19343 – Undertow: Memory Leak in Undertow HttpOpenListener due to holding remoting connections indefinitely
https://notcve.org/view.php?id=CVE-2019-19343
16 Jun 2020 — A flaw was found in Undertow when using Remoting as shipped in Red Hat Jboss EAP before version 7.2.4. A memory leak in HttpOpenListener due to holding remote connections indefinitely may lead to denial of service. Versions before undertow 2.0.25.SP1 and jboss-remoting 5.0.14.SP1 are believed to be vulnerable. Se encontró una falla en Undertow al usar Remoting como se envió en Red Hat Jboss EAP anterior a la versión 7.2.4. Una filtrado de memoria en HttpOpenListener debido a mantener conexiones remotas... • https://bugzilla.redhat.com/show_bug.cgi?id=1780445 • CWE-400: Uncontrolled Resource Consumption CWE-404: Improper Resource Shutdown or Release •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2019-14885 – EAP: Vault system property security attribute value is revealed on CLI 'reload' command
https://notcve.org/view.php?id=CVE-2019-14885
20 Jan 2020 — A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property's security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI 'reload' command. This flaw can lead to the exposure of confidential information. Se detectó un fallo en el sistema JBoss EAP Vault en todas las versiones anteriores a 7.2.6.GA. La información confidencial del valor del atributo de seguridad de la propiedad del sistema es revelada en el arch... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14885 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2017-12167 – EAP-7: Wrong privileges on multiple property files
https://notcve.org/view.php?id=CVE-2017-12167
14 Dec 2017 — It was found in EAP 7 before 7.0.9 that properties based files of the management and the application realm configuration that contain user to role mapping are world readable allowing access to users and roles information to all the users logged in to the system. Se ha detectado en EAP 7 en versiones anteriores a la 7.0.9 que los archivos basados en propiedades de la administración y la configuración del dominio de la aplicación que contienen mapeo de usuario a rol son legibles para todos los usuarios, permi... • http://www.securityfocus.com/bid/100903 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7066 – admin-cli: Any local users can connect to jboss-cli
https://notcve.org/view.php?id=CVE-2016-7066
14 Dec 2017 — It was found that the improper default permissions on /tmp/auth directory in JBoss Enterprise Application Platform before 7.1.0 can allow any local user to connect to CLI and allow the user to execute any arbitrary operations. Se ha detectado que los permisos incorrectos por defecto en el directorio /tmp/auth en JBoss Enterprise Application Platform en versiones anteriores a la 7.1.0 pueden permitir que cualquier usuario local se conecte a la interfaz de línea de comandos y ejecute cualquier operación arbit... • https://access.redhat.com/errata/RHSA-2017:3456 • CWE-266: Incorrect Privilege Assignment CWE-275: Permission Issues •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 1CVE-2015-1849
https://notcve.org/view.php?id=CVE-2015-1849
19 Sep 2017 — AdvancedLdapLodinMogule in Red Hat JBoss Enterprise Application Platform (EAP) before 6.4.1 allows attackers to obtain sensitive information via vectors involving logging the LDAP bind credential password when TRACE logging is enabled. AdvancedLdapLodinMogule en Red Hat JBoss Enterprise Application Platform (EAP) en versiones anteriores a la 6.4.1 permite que los atacantes obtengan información sensible mediante vectores que implican el registro de la contraseña de las credenciales asociadas al protocolo LDA... • https://bugzilla.redhat.com/show_bug.cgi?id=1199641 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 2%CPEs: 7EXPL: 0CVE-2016-3690
https://notcve.org/view.php?id=CVE-2016-3690
08 Jun 2017 — The PooledInvokerServlet in JBoss EAP 4.x and 5.x allows remote attackers to execute arbitrary code via a crafted serialized payload. El PooledInvokerServlet de Jboss EAP en sus versiones 4.x y 5.x permite a un atacante remoto la ejecución de un código aleatorio mediante un payload de diseño serializado. • http://www.securityfocus.com/bid/99079 • CWE-502: Deserialization of Untrusted Data •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-7061 – EAP: Sensitive data can be exposed at the server level in domain mode
https://notcve.org/view.php?id=CVE-2016-7061
19 Jan 2017 — An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information. Se ha detectado una vulnerabilidad de divulgación de información en JBoss Enterprise Application Platform en versiones anteriores a la 7.0.4. Se ha descubierto que, al configurar RBAC y marcar información como sensible, los usuarios con rol Monitor puede... • http://rhn.redhat.com/errata/RHSA-2017-0170.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 7%CPEs: 2EXPL: 2CVE-2016-7065 – Red Hat JBoss EAP - Deserialization of Untrusted Data
https://notcve.org/view.php?id=CVE-2016-7065
13 Oct 2016 — The JMX servlet in Red Hat JBoss Enterprise Application Platform (EAP) 4 and 5 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object. El servlet JMX en Red Hat JBoss Enterprise Application Platform (EAP) 4 y 5 permite a usuarios remotos autenticados provocar una denegación de servicio y posiblemente ejecutar código arbitrario a través de un objeto Java serializado manipulado. • https://packetstorm.news/files/id/139890 • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 0CVE-2016-5406 – EAP7 Privilege escalation when managing domain including earlier version slaves
https://notcve.org/view.php?id=CVE-2016-5406
08 Sep 2016 — The domain controller in Red Hat JBoss Enterprise Application Platform (EAP) 7.x before 7.0.2 allows remote authenticated users to gain privileges by leveraging failure to propagate administrative RBAC configuration to all slaves. El controlador de dominios en Red Hat JBoss Enterprise Application Platform (EAP) 7.x en versiones anteriores a 7.0.2 permite a usuarios remotos autenticados obtener privilegios aprovechando el fallo de propagación de configuración RBAC administrativa a todos los esclavos. The dom... • http://rhn.redhat.com/errata/RHSA-2016-1838.html • CWE-264: Permissions, Privileges, and Access Controls •