CVE-2015-5304

Опубликовано: 16 дек. 2015

Источник: nvd

CVSS2: 3.5

EPSS Низкий

Описание

Red Hat JBoss Enterprise Application Platform (EAP) before 6.4.5 does not properly authorize access to shut down the server, which allows remote authenticated users with the Monitor, Deployer, or Auditor role to cause a denial of service via unspecified vectors.

Ссылки

http://rhn.redhat.com/errata/RHSA-2015-2538.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2015-2539.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2015-2540.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2015-2541.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2015-2542.html
Vendor Advisory
http://www.securitytracker.com/id/1034280
https://bugzilla.redhat.com/show_bug.cgi?id=1273046
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2015-2538.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2015-2539.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2015-2540.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2015-2541.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2015-2542.html
Vendor Advisory
http://www.securitytracker.com/id/1034280
https://bugzilla.redhat.com/show_bug.cgi?id=1273046
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:*:*:*:*:*:*:*

Версия до 6.4.4 (включая)

EPSS

Процентиль: 79%

0.01287

Низкий

3.5 Low

CVSS2

Дефекты

CWE-264

Связанные уязвимости

CVE-2015-5304

redhat

около 10 лет назад

GHSA-gvc6-x7v9-m2cq

github

больше 3 лет назад