Lucene search

Redhat.comRH:CVE-2020-14317

HistoryJul 07, 2020 - 11:51 a.m.

CVE-2020-14317

2020-07-0711:51:55

redhat.com

access.redhat.com

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

11.7%

JSON

It was found that the issue for security flaw CVE-2019-3805, appeared again in another version of the JBoss Enterprise Application Platform - Continuous Delivery (EAP-CD) introducing regression. This flaw allows an attacker to modify the PID file in /var/run/jboss-eap/ allowing the init.d script to terminate any process as root. The highest threat from this vulnerability is to system availability.

References

bugzilla.redhat.com/show_bug.cgi?id=1854251

nvd.nist.gov/vuln/detail/CVE-2020-14317

www.cve.org/CVERecord?id=CVE-2020-14317

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

11.7%

JSON

Related for RH:CVE-2020-14317