2 matches found
EUVD-1999-1312
Malware in sbrugna...
EAP: missing authorization check for Monitor/Deployer/Auditor role when shutting down server
It was found that JBoss EAP did not properly authorize a user performing a shut down. A remote user with the Monitor, Deployer, or Auditor role could use this flaw to shut down the EAP server, which is an action restricted to admin users...