39 matches found
EUVD-2007-6643
Malware in sbrugna...
EUVD-2016-7941
Malware in sbrugna...
org.wildfly.core:wildfly-server: Wildfly improper RBAC permission
A flaw was found in the Wildfly Server Role Based Access Control RBAC provider. When authorization to control management operations is secured using the Role Based Access Control provider, a user without the required privileges can suspend or resume the server. A user with a Monitor or Auditor ro...
org.wildfly.core:wildfly-server: Wildfly improper RBAC permission
A flaw was found in the Wildfly Server Role Based Access Control RBAC provider. When authorization to control management operations is secured using the Role Based Access Control provider, a user without the required privileges can suspend or resume the server. A user with a Monitor or Auditor ro...
org.wildfly.core:wildfly-server: Wildfly improper RBAC permission
A flaw was found in the Wildfly Server Role Based Access Control RBAC provider. When authorization to control management operations is secured using the Role Based Access Control provider, a user without the required privileges can suspend or resume the server. A user with a Monitor or Auditor ro...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization in the execute functions in ServerSuspendHandler.java and ServerResumeHandler.java, which do not perform sufficient checks for the authorization of the running user. This allows a user with the Monitor or Auditor...
CVE-2025-23367
A flaw was found in the Wildfly Server Role Based Access Control RBAC provider. When authorization to control management operations is secured using the Role Based Access Control provider, a user without the required privileges can suspend or resume the server. A user with a Monitor or Auditor ro...
CVE-2021-21531
Dell Unisphere for PowerMax versions prior to 9.2.1.6 contain an Authorization Bypass Vulnerability. A local authenticated malicious user with monitor role may exploit this vulnerability to perform unauthorized actions...
wildfly-core: Incorrect privileges for 'Monitor', 'Auditor' and 'Deployer' user by default
It was found that Wildfly users had default user permissions set incorrectly. A malicious user could use this flaw to access unauthorized controls for the application server...
wildfly-core: Incorrect privileges for 'Monitor', 'Auditor' and 'Deployer' user by default
It was found that Wildfly users had default user permissions set incorrectly. A malicious user could use this flaw to access unauthorized controls for the application server...
wildfly-core: Incorrect privileges for 'Monitor', 'Auditor' and 'Deployer' user by default
It was found that Wildfly users had default user permissions set incorrectly. A malicious user could use this flaw to access unauthorized controls for the application server...
Information Disclosure
eap7-jboss-xnio-base is vulnerable to information disclosure attacks. The vulnerability exists as an information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with ...
CVE-2016-7061
An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information...
Information disclosure
An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information...
EAP: Sensitive data can be exposed at the server level in domain mode
It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information...
EAP: Sensitive data can be exposed at the server level in domain mode
It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information...
EAP: Sensitive data can be exposed at the server level in domain mode
It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information...
EAP: Sensitive data can be exposed at the server level in domain mode
It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information...
CVE-2017-12785
The novish command-line interface, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, is prone to a buffer overflow in the "show log cli" command. This could be used by a read-only user monitor role to gain privileged root code execution on the...
Command injection
The novish command-line interface, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, is prone to a buffer overflow in the "show log cli" command. This could be used by a read-only user monitor role to gain privileged root code execution on the...