CVE-2014-8115

Published: Feb 20, 2015Modified: May 6, 2026

6.5

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability: 8.0 / Impact: 6.4

Source: NVD

Description

The default authorization constrains in KIE Workbench 6.0.x allows remote authenticated users to read or write to arbitrary files, bypass intended access restrictions, and possibly have other unspecified impact via unknown vectors.

Affected (2)

Products: Redhat: Kie Workbench

Redhat

1 product

Kie Workbench

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Redhat Kie Workbench	Version 6.0.0
Redhat Kie Workbench	Version 6.0.1

Related CWEs

CWE-264

References (6)

http://rhn.redhat.com/errata/RHSA-2015-0234.html

Source: secalert@redhat.com

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2015-0235.html

Source: secalert@redhat.com

Vendor Advisory

https://github.com/droolsjbpm/kie-wb-distributions/commit/90eed433d3

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2015-0234.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2015-0235.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://github.com/droolsjbpm/kie-wb-distributions/commit/90eed433d3

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.