2 matches found
CVE-2014-9000
Mule Enterprise Management Console MMC does not properly restrict access to handler/securityService.rpc, which allows remote authenticated users to gain administrator privileges and execute arbitrary code via a crafted request that adds a new user. NOTE: this issue was originally reported for ESB...
CVE-2014-9000
The CVE-2014-9000 entry concerns Mule Enterprise Management Console (MMC). The issue is an access control flaw where MMC does not properly restrict access to handler/securityService.rpc, allowing remote authenticated users to gain administrator privileges and execute arbitrary code by crafting a ...