CVE-2014-0018

Published: Feb 14, 2014Modified: Apr 29, 2026

1.9

Vector

AV:L/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 3.4 / Impact: 2.9

Source: NVD

Description

Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.0 and JBoss WildFly Application Server, when run under a security manager, do not properly restrict access to the Modular Service Container (MSC) service registry, which allows local users to modify the server via a crafted deployment.

Affected (2)

Products: Redhat: Jboss Enterprise Application Platform, Jboss Wildfly Application Server

2 products

Jboss Enterprise Application Platform

Jboss Wildfly Application Server

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Redhat Jboss Enterprise Application Platform	Version 6.2.0
Redhat Jboss Wildfly Application Server	All versions

Related CWEs

References (10)

http://rhn.redhat.com/errata/RHSA-2014-0170.html

Source: secalert@redhat.com

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2014-0171.html

Source: secalert@redhat.com

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2014-0172.html

Source: secalert@redhat.com

Vendor Advisory

http://www.securityfocus.com/bid/65591

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1052783

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2014-0170.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2014-0171.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2014-0172.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/65591

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=1052783

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.