Описание
It was found that the improper default permissions on /tmp/auth directory in JBoss Enterprise Application Platform before 7.1.0 can allow any local user to connect to CLI and allow the user to execute any arbitrary operations.
It was found that the improper default permissions on /tmp/auth directory in EAP 7 can allow any local user to connect to CLI and allow the user to execute any arbitrary operations.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat JBoss Enterprise Application Platform 7 | keycloak-admin-client | Affected | ||
| Red Hat JBoss EAP 7 | Fixed | RHSA-2017:3456 | 13.12.2017 |
Показывать по
Дополнительная информация
Статус:
6.1 Medium
CVSS2
Связанные уязвимости
It was found that the improper default permissions on /tmp/auth directory in JBoss Enterprise Application Platform before 7.1.0 can allow any local user to connect to CLI and allow the user to execute any arbitrary operations.
It was found that the improper default permissions on /tmp/auth directory in JBoss Enterprise Application Platform before 7.1.0 can allow any local user to connect to CLI and allow the user to execute any arbitrary operations.
6.1 Medium
CVSS2