Description

Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.0 and JBoss WildFly Application Server, when run under a security manager, do not properly restrict access to the Modular Service Container (MSC) service registry, which allows local users to modify the server via a crafted deployment.

Remediation

References

CVE-2014-0018

Related Vulnerabilities

WordPress Plugin Yoast SEO Security Bypass (1.4.6)

Joomla! Core 3.x.x Security Bypass (3.2.0 - 3.9.4)

Oracle Database Server CVE-2009-3413 Vulnerability (CVE-2009-3413)

Internet Information Services Other Vulnerability (CVE-1999-0233)

Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-20417)

Severity

Low

Classification

CVE-2014-0018 CWE-264

Tags

Missing Update Known Vulnerabilities