Lucene search
HistoryFeb 02, 2014 - 8:55 p.m.
CVE-2012-3427
ec2
ami
jboss eap
aws
security vulnerability
nvd
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
6 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
EC2 Amazon Machine Image (AMI) in JBoss Enterprise Application Platform (EAP) 5.1.2 uses 755 permissions for /var/cache/jboss-ec2-eap/, which allows local users to read sensitive information such as Amazon Web Services (AWS) credentials by reading files in the directory.
Affected configurations
Node
redhatjboss_enterprise_application_platformMatch5.1.2
| CPE | Name | Operator | Version |
|---|---|---|---|
| redhat:jboss_enterprise_application_platform | redhat jboss enterprise application platform | eq | 5.1.2 |
Related
cvelist
cvelist
CVE-2012-3427
2014-02-02 20:00:00
nessus
nessus
RHEL 6 : jboss-ec2-eap (RHSA-2012:1376)
2013-01-24 00:00:00
redhat
redhat
(RHSA-2012:1376) Low: jboss-ec2-eap security update
2012-10-16 00:00:00
prion
prion
Input validation
2014-02-02 20:55:00
nvd
nvd
CVE-2012-3427
2014-02-02 20:55:04
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
6 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2012-3427