Description

It was discovered that the jboss init script as used in Red Hat JBoss Enterprise Application Platform 7.0.7.GA performed unsafe file handling which could result in local privilege escalation. This issue is a result of an incomplete fix for CVE-2016-8656.

Remediation

References

CVE-2017-12189

Related Vulnerabilities

WordPress Plugin Link Library Cross-Site Scripting (5.9.5.5)

XOOPS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-4433)

Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-7927)

WordPress Plugin ContentStudio Multiple Vulnerabilities (1.2.5)

WordPress Plugin Debug Log Manager Security Bypass (2.2.1)

Severity

High

Classification

CVE-2017-12189 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities