Lucene search
HistoryNov 17, 2014 - 10:59 p.m.
CVE-2014-0059
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
5.6
Confidence
Low
EPSS
0
Percentile
5.1%
JBoss SX and PicketBox, as used in Red Hat JBoss Enterprise Application Platform (EAP) before 6.2.3, use world-readable permissions on audit.log, which allows local users to obtain sensitive information by reading this file.
Affected configurations
Node
redhatjboss_enterprise_application_platformRange≤6.2.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | jboss_enterprise_application_platform | * | cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:*:*:*:*:*:*:* |
Related
redhat
redhat
(RHSA-2014:0895) Moderate: Red Hat JBoss Data Grid 6.3.0 update
2014-07-16 17:02:12
cve
cve
CVE-2014-0059
2014-11-17 22:59:02
nessus
nessus
RHEL 6 : JBoss EAP (RHSA-2014:0563)
2014-05-28 00:00:00
RHEL 5 : JBoss EAP (RHSA-2014:0564)
2014-05-28 00:00:00
veracode
veracode
Information Disclosure
2019-01-15 08:52:04
cvelist
cvelist
CVE-2014-0059
2014-11-17 22:00:00
prion
prion
Design/Logic Flaw
2014-11-17 22:59:00
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
5.6
Confidence
Low
EPSS
0
Percentile
5.1%
Related for NVD:CVE-2014-0059