4
CVE-2014-7849
- EPSS 0.4%
- Veröffentlicht 13.02.2015 15:59:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
LoginThe Role Based Access Control (RBAC) implementation in JBoss Enterprise Application Platform (EAP) 6.2.0 through 6.3.2 does not properly verify authorization conditions, which allows remote authenticated users to add, modify, and undefine otherwise restricted attributes by leveraging the Maintainer role.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Redhat ≫ Jboss Enterprise Application Platform Version6.2.0
Redhat ≫ Jboss Enterprise Application Platform Version6.2.1
Redhat ≫ Jboss Enterprise Application Platform Version6.2.2
Redhat ≫ Jboss Enterprise Application Platform Version6.2.3
Redhat ≫ Jboss Enterprise Application Platform Version6.2.4
Redhat ≫ Jboss Enterprise Application Platform Version6.3.0
Redhat ≫ Jboss Enterprise Application Platform Version6.3.1
Redhat ≫ Jboss Enterprise Application Platform Version6.3.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.4% | 0.598 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:N/I:P/A:N
|