exploitDog

CVE-2014-8115

Опубликовано: 20 фев. 2015

Источник: nvd

CVSS2: 6.5

EPSS Низкий

Описание

The default authorization constrains in KIE Workbench 6.0.x allows remote authenticated users to read or write to arbitrary files, bypass intended access restrictions, and possibly have other unspecified impact via unknown vectors.

Ссылки

http://rhn.redhat.com/errata/RHSA-2015-0234.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2015-0235.html
Vendor Advisory
https://github.com/droolsjbpm/kie-wb-distributions/commit/90eed433d3
http://rhn.redhat.com/errata/RHSA-2015-0234.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2015-0235.html
Vendor Advisory
https://github.com/droolsjbpm/kie-wb-distributions/commit/90eed433d3

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:kie_workbench:6.0.0:*:*:*:*:*:*:*

cpe:2.3:a:redhat:kie_workbench:6.0.1:*:*:*:*:*:*:*

EPSS

Процентиль: 44%

0.00216

Низкий

6.5 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

CVE-2014-8115

redhat

почти 11 лет назад

The default authorization constrains in KIE Workbench 6.0.x allows remote authenticated users to read or write to arbitrary files, bypass intended access restrictions, and possibly have other unspecified impact via unknown vectors.

GHSA-7ff4-j347-7wj6

github

больше 3 лет назад

The default authorization constrains in KIE Workbench 6.0.x allows remote authenticated users to read or write to arbitrary files, bypass intended access restrictions, and possibly have other unspecified impact via unknown vectors.

EPSS

Процентиль: 44%

0.00216

Низкий

6.5 Medium

CVSS2

Дефекты

CWE-264