Description

Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.0 and JBoss WildFly Application Server, when run under a security manager, do not properly restrict access to the Modular Service Container (MSC) service registry, which allows local users to modify the server via a crafted deployment.

Remediation

References

CVE-2014-0018

Related Vulnerabilities

Oracle HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2022-25313)

Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-39112)

WordPress Plugin ULTIMATE VIDEO GALLERY Cross-Site Scripting (1.4)

Oracle JRE CVE-2012-5076 Vulnerability (CVE-2012-5076)

Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0508)

Severity

Low

Classification

CVE-2014-0018 CWE-264

Tags

Missing Update Known Vulnerabilities