Description

Red Hat JBoss Enterprise Application Platform (EAP) before 6.4.5 does not properly authorize access to shut down the server, which allows remote authenticated users with the Monitor, Deployer, or Auditor role to cause a denial of service via unspecified vectors.

Remediation

References

CVE-2015-5304

Related Vulnerabilities

MySQL CVE-2012-1757 Vulnerability (CVE-2012-1757)

Apache HTTP Server CVE-2003-0789 Vulnerability (CVE-2003-0789)

WordPress Plugin Sermon Browser Multiple Cross-Site Scripting Vulnerabilities (0.45.15)

Roundcube Unspesificed Vulnerability (CVE-2018-9846)

WordPress Plugin iThemes Exchange:Simple WP Ecommerce Remote Code Execution (1.14.0)

Severity

Low

Classification

CVE-2015-5304 CWE-264

Tags

Missing Update Known Vulnerabilities