4
CVE-2014-7849
- EPSS 0.4%
- Veröffentlicht 13.02.2015 15:59:05
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
LoginThe Role Based Access Control (RBAC) implementation in JBoss Enterprise Application Platform (EAP) 6.2.0 through 6.3.2 does not properly verify authorization conditions, which allows remote authenticated users to add, modify, and undefine otherwise restricted attributes by leveraging the Maintainer role.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Redhat ≫ Jboss Enterprise Application Platform Version6.2.0
Redhat ≫ Jboss Enterprise Application Platform Version6.2.1
Redhat ≫ Jboss Enterprise Application Platform Version6.2.2
Redhat ≫ Jboss Enterprise Application Platform Version6.2.3
Redhat ≫ Jboss Enterprise Application Platform Version6.2.4
Redhat ≫ Jboss Enterprise Application Platform Version6.3.0
Redhat ≫ Jboss Enterprise Application Platform Version6.3.1
Redhat ≫ Jboss Enterprise Application Platform Version6.3.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.4% | 0.598 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:N/I:P/A:N
|