Lucene search
RedhatCVE-2014-8115HistoryFeb 20, 2015 - 4:59 p.m.
CVE-2014-8115
2015-02-2016:59:03
CWE-264
redhat
web.nvd.nist.gov
25
cve-2014-8115
kie workbench
authorization
remote users
file read/write
access restrictions
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
6.8
Confidence
Low
EPSS
0.002
Percentile
62.1%
The default authorization constrains in KIE Workbench 6.0.x allows remote authenticated users to read or write to arbitrary files, bypass intended access restrictions, and possibly have other unspecified impact via unknown vectors.
Affected configurations
Node
redhatkie_workbenchMatch6.0.0
ORredhatkie_workbenchMatch6.0.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | kie_workbench | 6.0.0 | cpe:2.3:a:redhat:kie_workbench:6.0.0:*:*:*:*:*:*:* |
| redhat | kie_workbench | 6.0.1 | cpe:2.3:a:redhat:kie_workbench:6.0.1:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2014-8115
2015-02-20 16:59:03
prion
prion
Authorization
2015-02-20 16:59:00
cvelist
cvelist
CVE-2014-8115
2015-02-20 16:00:00
redhat
redhat
(RHSA-2015:0234) Important: Red Hat JBoss BPM Suite 6.0.3 security update
2015-02-17 22:21:04
(RHSA-2015:0235) Important: Red Hat JBoss BRMS 6.0.3 security update
2015-02-17 22:22:40
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
6.8
Confidence
Low
EPSS
0.002
Percentile
62.1%
Related for CVE-2014-8115