11 matches found
wildfly-core: Incorrect privileges for 'Monitor', 'Auditor' and 'Deployer' user by default
It was found that Wildfly users had default user permissions set incorrectly. A malicious user could use this flaw to access unauthorized controls for the application server...
wildfly-core: Incorrect privileges for 'Monitor', 'Auditor' and 'Deployer' user by default
It was found that Wildfly users had default user permissions set incorrectly. A malicious user could use this flaw to access unauthorized controls for the application server...
wildfly-core: Incorrect privileges for 'Monitor', 'Auditor' and 'Deployer' user by default
It was found that Wildfly users had default user permissions set incorrectly. A malicious user could use this flaw to access unauthorized controls for the application server...
Red Hat JBoss Enterprise Application Platform Denial of Service Vulnerability
Red Hat JBoss Enterprise Application Platform is a set of open source , J2EE-based middleware platform. Red Hat JBoss Enterprise Application Platform fails to properly authorize server shutdown privileges, allowing remote attackers to conduct denial-of-service attacks in the Monitor, Deployer, or...
EAP: missing authorization check for Monitor/Deployer/Auditor role when shutting down server
It was found that JBoss EAP did not properly authorize a user performing a shut down. A remote user with the Monitor, Deployer, or Auditor role could use this flaw to shut down the EAP server, which is an action restricted to admin users...
EAP: missing authorization check for Monitor/Deployer/Auditor role when shutting down server
It was found that JBoss EAP did not properly authorize a user performing a shut down. A remote user with the Monitor, Deployer, or Auditor role could use this flaw to shut down the EAP server, which is an action restricted to admin users...
EAP: missing authorization check for Monitor/Deployer/Auditor role when shutting down server
It was found that JBoss EAP did not properly authorize a user performing a shut down. A remote user with the Monitor, Deployer, or Auditor role could use this flaw to shut down the EAP server, which is an action restricted to admin users...
EAP: missing authorization check for Monitor/Deployer/Auditor role when shutting down server
It was found that JBoss EAP did not properly authorize a user performing a shut down. A remote user with the Monitor, Deployer, or Auditor role could use this flaw to shut down the EAP server, which is an action restricted to admin users...
EAP: missing authorization check for Monitor/Deployer/Auditor role when shutting down server
It was found that JBoss EAP did not properly authorize a user performing a shut down. A remote user with the Monitor, Deployer, or Auditor role could use this flaw to shut down the EAP server, which is an action restricted to admin users...
Design/Logic Flaw
The Administration Console in BEA WebLogic Express and WebLogic Server 9.0 and 9.1 does not properly enforce certain Domain Security Policies, which allows remote administrative users in the Deployer role to upload arbitrary files...
CVE-2007-2699
The Administration Console in BEA WebLogic Express and WebLogic Server 9.0 and 9.1 does not properly enforce certain Domain Security Policies, which allows remote administrative users in the Deployer role to upload arbitrary files...