Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2018-10934
HistoryMar 27, 2019 - 1:29 p.m.

CVE-2018-10934

2019-03-2713:29:00
CWE-79
[email protected]
web.nvd.nist.gov

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

0.001 Low

EPSS

Percentile

44.7%

JSON

A cross-site scripting (XSS) vulnerability was found in the JBoss Management Console versions before 7.1.6.CR1, 7.1.6.GA. Users with roles that can create objects in the application can exploit this to attack other privileged users.

Affected configurations

NVD
Node
redhatenterprise_linux_serverMatch6.0
OR
redhatenterprise_linux_serverMatch7.0
AND
redhatjboss_enterprise_application_platformMatch7.0
Node
redhatjboss_enterprise_application_platformMatch7.1.0
OR
redhatsingle_sign-onMatch7.2

Related

prion 1
veracode 1
cve 1
redhatcve 1
cvelist 1
redhat 8
nessus 6
prion
prion
Cross site scripting
2019-03-27 13:29:00
veracode
veracode
Cross-site Scripting (XSS)
2019-05-16 04:05:02
cve
cve
CVE-2018-10934
2019-03-27 13:29:00
redhatcve
redhatcve
CVE-2018-10934
2018-08-16 00:24:30
cvelist
cvelist
CVE-2018-10934
2019-03-27 12:20:07
redhat
redhat
(RHSA-2019:0362) Moderate: Red Hat JBoss Enterprise Application Platform 7.1.6 security update
2019-02-18 15:33:24
(RHSA-2019:1161) Moderate: Red Hat JBoss Enterprise Application Platform 6.4.22 security update
2019-05-13 16:51:54
(RHSA-2019:0365) Moderate: Red Hat JBoss Enterprise Application Platform 7.1.6 for RHEL 7 security update
2019-02-18 15:35:43
nessus
nessus
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.1.6 for RHEL 7 (RHSA-2019:0365)
2019-02-20 00:00:00
RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.1.6 on RHEL 6 (RHSA-2019:0364)
2019-02-20 00:00:00
RHEL 7 : JBoss EAP (RHSA-2019:1161)
2019-05-14 00:00:00

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

0.001 Low

EPSS

Percentile

44.7%

JSON
Related for NVD:CVE-2018-10934
prion1veracode1cve1redhatcve1cvelist1redhat8nessus6