Description
Red Hat JBoss Enterprise Application Platform (EAP) before 6.4.5 does not properly authorize access to shut down the server, which allows remote authenticated users with the Monitor, Deployer, or Auditor role to cause a denial of service via unspecified vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin JS Job Manager Unspecified Vulnerability (1.0.9)
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3730)
WordPress Plugin Booking Calendar PHP Object Injection (9.1)
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2335)
WordPress Plugin WordPress WP-Advanced-Search Cross-Site Request Forgery (3.3.8)