Lucene search
HistoryDec 16, 2015 - 9:59 p.m.
CVE-2015-5304
red hat
jboss
eap
cve-2015-5304
denial of service
security vulnerability
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:N/A:P
8.6 High
AI Score
Confidence
High
0.007 Low
EPSS
Percentile
80.7%
Red Hat JBoss Enterprise Application Platform (EAP) before 6.4.5 does not properly authorize access to shut down the server, which allows remote authenticated users with the Monitor, Deployer, or Auditor role to cause a denial of service via unspecified vectors.
Affected configurations
Node
redhatjboss_enterprise_application_platformRange≤6.4.4
| CPE | Name | Operator | Version |
|---|---|---|---|
| redhat:jboss_enterprise_application_platform | redhat jboss enterprise application platform | le | 6.4.4 |
Related
openvas
openvas
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:08:49
nvd
nvd
CVE-2015-5304
2015-12-16 21:59:00
prion
prion
Design/Logic Flaw
2015-12-16 21:59:00
cvelist
cvelist
CVE-2015-5304
2015-12-16 21:00:00
redhat
redhat
nessus
nessus
RHEL 6 : JBoss EAP (RHSA-2015:2542)
2015-12-04 00:00:00
RHEL 6 : Red Hat JBoss Enterprise Application Platform 6.4.5 update (Critical) (RHSA-2015:2539)
2015-12-04 00:00:00
RHEL 5 : JBoss EAP (RHSA-2015:2538)
2015-12-04 00:00:00
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:N/A:P
8.6 High
AI Score
Confidence
High
0.007 Low
EPSS
Percentile
80.7%
Related for CVE-2015-5304