Description
PicketBox, as used in Red Hat JBoss Enterprise Application Platform before 6.1.1, allows local users to obtain the admin encryption key by reading the Vault data file.
Remediation
References