CVE-2014-7827
Security: Wrong security context loaded when using SAML2 STS Login Module
Descriptions
The org.jboss.security.plugins.mapping.JBossMappingManager implementation in JBoss Security in Red Hat JBoss Enterprise Application Platform (EAP) before 6.3.3 uses the default security domain when a security domain is undefined, which allows remote authenticated users to bypass intended access restrictions by leveraging credentials on the default domain for a role that is also on the application domain.
It was found that when processing undefined security domains, the org.jboss.security.plugins.mapping.JBossMappingManager implementation would fall back to the default security domain if it was available. A user with valid credentials in the defined default domain, with a role that is valid in the expected application domain, could perform actions that were otherwise not available to them. When using the SAML2 STS Login Module, JBossMappingManager exposed this issue due to the PicketLink Trust SecurityActions implementation using a hardcoded default value when defining the context.
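To make the fallback concrete, here is a small model of the flaw and its fix. This is an added illustration, not JBoss or PicketLink code: the domain table, the user names and the default domain name "other" are constructed assumptions. The vulnerable lookup resolves an undefined security domain to the default domain, so a principal who holds a role in the default domain satisfies a role check that the application expected to be answered by its own (never registered) domain; the hardened lookup fails closed. The last helper is the check a practitioner would run against a deployment list: any deployment whose configured domain is not actually defined is the one that silently inherits the default.

```python
"""Model of the CVE-2014-7827 fallback (constructed example, not JBoss code).

A mapping manager resolves roles for (security domain, user).  The vulnerable
variant falls back to the default domain when the requested domain is not
defined; the hardened variant treats an undefined domain as "no roles".
"""

# Assumed name of the container's default security domain.
DEFAULT_DOMAIN = "other"

# Constructed fixture: domain -> user -> roles.  "app" is the domain the
# deployment references, but it was never defined, so it is absent here.
DOMAINS = {
    "other": {"mallory": {"admin"}},            # default domain; attacker has creds
    "ldap-app": {"alice": {"admin", "user"}},   # a properly defined domain
}


def roles_with_fallback(domains, domain, user):
    """Vulnerable lookup: an undefined domain falls back to DEFAULT_DOMAIN."""
    table = domains.get(domain)
    if table is None:
        # This is the flaw: silently answer from the default domain instead.
        table = domains.get(DEFAULT_DOMAIN, {})
    return set(table.get(user, set()))


def roles_fail_closed(domains, domain, user):
    """Hardened lookup: an undefined domain yields no roles, so every check denies."""
    table = domains.get(domain)
    if table is None:
        return set()
    return set(table.get(user, set()))


def is_authorized(lookup, domains, domain, user, required_role):
    """Role check the way a deployment would perform it for its own domain."""
    return required_role in lookup(domains, domain, user)


def undefined_domains(deployments, domains):
    """Return {deployment: domain} for deployments whose domain is not defined.

    deployments: mapping of deployment name -> configured security-domain name.
    Those returned are exactly the ones that would hit the fallback above.
    """
    return {name: dom for name, dom in deployments.items() if dom not in domains}


if __name__ == "__main__":
    # Mallory has "admin" only in the default domain, yet passes the check for
    # the undefined "app" domain under the fallback behaviour.
    print("fallback  :", is_authorized(roles_with_fallback, DOMAINS, "app", "mallory", "admin"))
    print("fail-closed:", is_authorized(roles_fail_closed, DOMAINS, "app", "mallory", "admin"))
    print("undefined  :", undefined_domains({"shop.war": "app", "hr.war": "ldap-app"}, DOMAINS))
```

The fixed behaviour is the second function: a domain that was never defined must not be answered by any other domain. Independently of the EAP upgrade, running the equivalent of `undefined_domains` over a server's deployments (every `security-domain` referenced from a jboss-web.xml, jboss-ejb3.xml or login-config against the domains actually defined in the security subsystem) tells you which applications were relying on the fallback.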
Timeline
- 2014-10-03 CVE Reserved
- 2015-02-12 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
CWE
- CWE-264: Permissions, Privileges, and Access Controls
- CWE-863: Incorrect Authorization
References (10)
URL | Tag | Date
---|---|---
http://www.securitytracker.com/id/1031741 | Vdb Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/100889 | Vdb Entry |
http://rhn.redhat.com/errata/RHSA-2015-0215.html | Vendor Advisory | 2017-09-08
http://rhn.redhat.com/errata/RHSA-2015-0216.html | Vendor Advisory | 2017-09-08
http://rhn.redhat.com/errata/RHSA-2015-0217.html | Vendor Advisory | 2017-09-08
http://rhn.redhat.com/errata/RHSA-2015-0218.html | Vendor Advisory | 2017-09-08
http://rhn.redhat.com/errata/RHSA-2015-0850.html | Vendor Advisory | 2017-09-08
http://rhn.redhat.com/errata/RHSA-2015-0851.html | Vendor Advisory | 2017-09-08
https://access.redhat.com/security/cve/CVE-2014-7827 | Vendor Advisory | 2015-04-16
https://bugzilla.redhat.com/show_bug.cgi?id=1160574 | Issue Tracking | 2015-04-16
Affected Vendors, Products, and Versions
Vendor | Product | Version | Status
---|---|---|---
Redhat | Jboss Enterprise Application Platform | <= 6.3.2 | Affected