Description

The default configuration for the Command Line Interface in Red Hat Enterprise Application Platform before 6.4.0 and WildFly (formerly JBoss Application Server) uses weak permissions for .jboss-cli-history, which allows local users to obtain sensitive information via unspecified vectors.

Remediation

References

CVE-2014-3586

Related Vulnerabilities

PostgreSQL Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2018-1053)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0123)

WordPress Plugin WP Gravity Forms Insightly Cross-Site Scripting (1.0.6)

WordPress Plugin Contact Form Entries-Contact Form 7, WPforms and more Cross-Site Scripting (1.2.0)

PHP Integer Overflow or Wraparound Vulnerability (CVE-2015-8394)

Severity

Low

Classification

CVE-2014-3586 CWE-264

Tags

Missing Update Known Vulnerabilities