Lucene search
HistoryJul 08, 2015 - 3:59 p.m.
CVE-2014-8175
red hat
jboss fuse
vulnerability
bypass
restrictions
access
hawtio console
nvd
cve-2014-8175
7.4 High
AI Score
Confidence
High
6 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
60.4%
Red Hat JBoss Fuse before 6.2.0 allows remote authenticated users to bypass intended restrictions and access the HawtIO console by leveraging an account defined in the users.properties file.
| CPE | Name | Operator | Version |
|---|---|---|---|
| redhat:jboss_fuse | redhat jboss fuse | le | 6.1.0 |
Related
prion
prion
Design/Logic Flaw
2015-07-08 15:59:00
redhat
redhat
(RHSA-2015:1177) Important: Red Hat JBoss A-MQ 6.2.0 update
2015-06-23 16:46:14
(RHSA-2015:1176) Important: Red Hat JBoss Fuse 6.2.0 update
2015-06-23 16:46:09
symantec
symantec
SA98 : OpenSSL Security Advisory 11-June-2015
2015-06-17 08:00:00
7.4 High
AI Score
Confidence
High
6 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
60.4%
Related for CVE-2014-8175