Description

It was found that the log file viewer in Red Hat JBoss Enterprise Application 6 and 7 allows arbitrary file read to authenticated user via path traversal.

Remediation

References

CVE-2017-2595

Related Vulnerabilities

Joomla! Core 1.5.x Spam (1.5.0 - 1.5.6)

Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-37064)

Atlassian Jira Improper Authentication Vulnerability (CVE-2021-39119)

Envoy Proxy Use of Incorrectly-Resolved Name or Reference Vulnerability (CVE-2019-9901)

WordPress Plugin Visitor Traffic Real Time Statistics SQL Injection (3.8)

Severity

Medium

Classification

CVE-2017-2595 CWE-22 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities