Lucene search

[email protected]CVE-2014-3701

HistoryDec 15, 2019 - 10:15 p.m.

CVE-2014-3701

2019-12-1522:15:00

CWE-362

[email protected]

web.nvd.nist.gov

cve-2014-3701

edeploy

race condition

nvd

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

69.0%

JSON

eDeploy has tmp file race condition flaws

CPENameOperatorVersion
redhat:edeployredhat edeployeq-
redhat:jboss_enterprise_web_serverredhat jboss enterprise web servereq1.0.0

CPE	Name	Operator	Version
redhat:edeploy	redhat edeploy	eq	-
redhat:jboss_enterprise_web_server	redhat jboss enterprise web server	eq	1.0.0

References

access.redhat.com/security/cve/cve-2014-3701

bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3701

security-tracker.debian.org/tracker/CVE-2014-3701

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

69.0%

JSON

Related for CVE-2014-3701

cvelist1 prion1