CVE-2013-1921 Vulnerability in maven package org.picketbox:jbosssx-bare

Description

PicketBox, as used in Red Hat JBoss Enterprise Application Platform before 6.1.1, allows local users to obtain the admin encryption key by reading the Vault data file.

Remediation

References

https://bugzilla.redhat.com/show_bug.cgi?id=948106

http://rhn.redhat.com/errata/RHSA-2013-1207.html

http://rhn.redhat.com/errata/RHSA-2013-1208.html

http://rhn.redhat.com/errata/RHSA-2013-1209.html

http://rhn.redhat.com/errata/RHSA-2013-1437.html

http://rhn.redhat.com/errata/RHSA-2014-0029.html

Related Vulnerabilities

CVE-2021-21631 Vulnerability in maven package org.jenkins-ci.plugins:cloud-stats

CVE-2019-1003041 Vulnerability in maven package org.jenkins-ci.plugins:script-security

CVE-2023-28681 Vulnerability in maven package org.jenkins-ci.plugins:vs-code-metrics

CVE-2018-20677 Vulnerability in maven package org.webjars.bowergithub.jasny:bootstrap

CVE-2022-33140 Vulnerability in maven package org.apache.nifi.registry:nifi-registry-core

Severity

Critical

Classification

CWE-310