Description
EC2 Amazon Machine Image (AMI) in JBoss Enterprise Application Platform (EAP) 5.1.2 uses 755 permissions for /var/cache/jboss-ec2-eap/, which allows local users to read sensitive information such as Amazon Web Services (AWS) credentials by reading files in the directory.
Remediation
References
Related Vulnerabilities
Python Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2019-20907)
Atlassian Confluence Incorrect Authorization Vulnerability (CVE-2023-22518)
MySQL CVE-2015-4730 Vulnerability (CVE-2015-4730)
WordPress Plugin Import Spreadsheets from Microsoft Excel Arbitrary File Upload (10.1.4)