Description

It was discovered that the jboss init script as used in Red Hat JBoss Enterprise Application Platform 7.0.7.GA performed unsafe file handling which could result in local privilege escalation. This issue is a result of an incomplete fix for CVE-2016-8656.

Remediation

References

CVE-2017-12189

Related Vulnerabilities

axios Uncontrolled Resource Consumption Vulnerability (CVE-2021-3749)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4584)

WordPress Plugin Super Interactive Maps for WordPress Arbitrary File Upload (1.9)

MySQL Other Vulnerability (CVE-2006-1518)

WordPress Plugin Simple JWT Login-Login and Register to WordPress using JWT Insecure Password Creation (3.2.1)

Severity

High

Classification

CVE-2017-12189 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Tags

Missing Update Known Vulnerabilities