CVE-2014-0005
Summary
| CVE | CVE-2014-0005 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2015-02-20 16:59:00 UTC |
| Updated | 2015-03-28 01:59:00 UTC |
| Description | PicketBox and JBossSX, as used in Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.2 and JBoss BRMS before 6.0.3 roll up patch 2, allows remote authenticated users to read and modify the application sever configuration and state by deploying a crafted application. |
Risk And Classification
Problem Types: CWE-264
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Redhat | Jboss Enterprise Application Platform | 6.2.2 | All | All | All |
| Application | Redhat | Jboss Enterprise Application Platform | 6.2.2 | All | All | All |
| Application | Redhat | Jboss Enterprise Brms Platform | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Red Hat Customer Portal | REDHAT | rhn.redhat.com | Vendor Advisory |
| Red Hat Customer Portal | REDHAT | rhn.redhat.com | Vendor Advisory |
| Red Hat Customer Portal | REDHAT | rhn.redhat.com | Vendor Advisory |
| Red Hat Customer Portal | REDHAT | rhn.redhat.com | Vendor Advisory |
| Red Hat Customer Portal | REDHAT | rhn.redhat.com | |
| Red Hat Customer Portal | REDHAT | rhn.redhat.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.