Description

EC2 Amazon Machine Image (AMI) in JBoss Enterprise Application Platform (EAP) 5.1.2 uses 755 permissions for /var/cache/jboss-ec2-eap/, which allows local users to read sensitive information such as Amazon Web Services (AWS) credentials by reading files in the directory.

Remediation

References

CVE-2012-3427

Related Vulnerabilities

Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3992)

WordPress Plugin CKEditor for WordPress Cross-Site Scripting (4.5.3)

WordPress Plugin Zoho CRM Lead Magnet Cross-Site Scripting (1.7.2.8)

MySQL CVE-2018-3173 Vulnerability (CVE-2018-3173)

WordPress Plugin All-in-One Event Calendar Cross-Site Scripting (2.5.18)

Severity

Low

Classification

CVE-2012-3427 CWE-264

Tags

Missing Update Known Vulnerabilities