exploitDog

CVE-2015-0297

Опубликовано: 24 апр. 2015

Источник: nvd

CVSS2: 9

EPSS Низкий

Описание

Red Hat JBoss Operations Network 3.3.1 does not properly restrict access to certain APIs, which allows remote attackers to execute arbitrary Java methods via the (1) ServerInvokerServlet or (2) SchedulerService or (3) cause a denial of service (disk consumption) via the ContentManager.

Ссылки

http://rhn.redhat.com/errata/RHSA-2015-0862.html
Vendor Advisory
http://www.securitytracker.com/id/1032181
http://rhn.redhat.com/errata/RHSA-2015-0862.html
Vendor Advisory
http://www.securitytracker.com/id/1032181

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:redhat:jboss_operations_network:3.3.1:*:*:*:*:*:*:*

EPSS

Процентиль: 68%

0.00554

Низкий

9 Critical

CVSS2

Дефекты

CWE-284

Связанные уязвимости

CVE-2015-0297

redhat

почти 11 лет назад

Red Hat JBoss Operations Network 3.3.1 does not properly restrict access to certain APIs, which allows remote attackers to execute arbitrary Java methods via the (1) ServerInvokerServlet or (2) SchedulerService or (3) cause a denial of service (disk consumption) via the ContentManager.

GHSA-hfm5-vrw2-7m5q

github

больше 3 лет назад

Red Hat JBoss Operations Network 3.3.1 does not properly restrict access to certain APIs, which allows remote attackers to execute arbitrary Java methods via the (1) ServerInvokerServlet or (2) SchedulerService or (3) cause a denial of service (disk consumption) via the ContentManager.

EPSS

Процентиль: 68%

0.00554

Низкий

9 Critical

CVSS2

Дефекты

CWE-284