← Zuruck zu CVEs
CVE-2010-0737
HIGH8.0
Beschreibung
A missing permission check was found in The CLI in JBoss Operations Network before 2.3.1 does not properly check permissions, which allows JBoss ON users to perform management tasks and configuration changes with the privileges of the administrator user.
CVE Details
CVSS v3.1 Bewertung8.0
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorADJACENT_NETWORK
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht10/30/2019
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
redhat:jboss_operations_network
Schwachen (CWE)
CWE-732
Referenzen
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0737(secalert@redhat.com)
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0737(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.