WEB APPLICATION VULNERABILITIES Standard & Premium

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5304)

Description

Red Hat JBoss Enterprise Application Platform (EAP) before 6.4.5 does not properly authorize access to shut down the server, which allows remote authenticated users with the Monitor, Deployer, or Auditor role to cause a denial of service via unspecified vectors.

Remediation

References

Related Vulnerabilities

WordPress Plugin Clockwork SMS Notfications Cross-Site Scripting (2.0.3)

Jenkins Other Vulnerability (CVE-2021-21689)

PHP-Fusion Improper Privilege Management Vulnerability (CVE-2020-24949)

SharePoint CVE-2021-1707 Vulnerability (CVE-2021-1707)

WordPress Plugin Database for Contact Form 7, WPforms, Elementor forms Cross-Site Scripting (1.1.6)

Severity

Low

Classification

CVE-2015-5304 CWE-264

Tags

Missing Update Known Vulnerabilities