Описание
The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat JBoss Enterprise Application Platform 6 | installer | Affected | ||
| Red Hat JBoss Enterprise Web Server 1 | eap-5.2.0 | Affected | ||
| Red Hat JBoss Enterprise Application Platform 5.2 | Fixed | RHSA-2013:0206 | 30.01.2013 | |
| Red Hat JBoss Enterprise Application Platform 6.1 | Fixed | RHSA-2013:0833 | 20.05.2013 | |
| Red Hat JBoss Web Platform 5.2 | Fixed | RHSA-2013:0207 | 30.01.2013 |
Показывать по
Дополнительная информация
Статус:
2.1 Low
CVSS2
Связанные уязвимости
The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file.
The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file.
The GUI installer in JBoss Enterprise Application Platform (EAP) and E ...
The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file.
2.1 Low
CVSS2