Medium Severity Vulnerabilities

Vulnerability Name	CVE CWE	CWE	Severity
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-1849)	CVE-2015-1849 CWE-200	CWE-200	Medium
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6311)	CVE-2016-6311 CWE-200	CWE-200	Medium
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-7061)	CVE-2016-7061 CWE-200	CWE-200	Medium
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-2582)	CVE-2017-2582 CWE-200	CWE-200	Medium
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-12167)	CVE-2017-12167 CWE-200	CWE-200	Medium
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-14642)	CVE-2018-14642 CWE-200	CWE-200	Medium
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-14820)	CVE-2019-14820 CWE-200	CWE-200	Medium
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-14885)	CVE-2019-14885 CWE-200	CWE-200	Medium
Jboss EAP Improper Access Control Vulnerability (CVE-2013-4213)	CVE-2013-4213 CWE-284	CWE-284	Medium
Jboss EAP Improper Authentication Vulnerability (CVE-2011-4085)	CVE-2011-4085 CWE-287	CWE-287	Medium
Jboss EAP Improper Authentication Vulnerability (CVE-2012-0874)	CVE-2012-0874 CWE-287	CWE-287	Medium
Jboss EAP Improper Authentication Vulnerability (CVE-2020-14299)	CVE-2020-14299 CWE-287	CWE-287	Medium
Jboss EAP Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-0248)	CVE-2014-0248 CWE-94	CWE-94	Medium
Jboss EAP Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-3518)	CVE-2014-3518 CWE-94	CWE-94	Medium
Jboss EAP Improper Input Validation Vulnerability (CVE-2010-1871)	CVE-2010-1871 CWE-20	CWE-20	Medium
Jboss EAP Improper Input Validation Vulnerability (CVE-2011-4314)	CVE-2011-4314 CWE-20	CWE-20	Medium
Jboss EAP Improper Input Validation Vulnerability (CVE-2011-4575)	CVE-2011-4575 CWE-20	CWE-20	Medium
Jboss EAP Improper Input Validation Vulnerability (CVE-2014-0034)	CVE-2014-0034 CWE-20	CWE-20	Medium
Jboss EAP Improper Input Validation Vulnerability (CVE-2018-1000873)	CVE-2018-1000873 CWE-20	CWE-20	Medium
Jboss EAP Improper Input Validation Vulnerability (CVE-2019-12400)	CVE-2019-12400 CWE-20	CWE-20	Medium
Jboss EAP Improper Input Validation Vulnerability (CVE-2020-1732)	CVE-2020-1732 CWE-20	CWE-20	Medium
Jboss EAP Improper Input Validation Vulnerability (CVE-2020-10693)	CVE-2020-10693 CWE-20	CWE-20	Medium
Jboss EAP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-2595)	CVE-2017-2595 CWE-22	CWE-22	Medium
Jboss EAP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1047)	CVE-2018-1047 CWE-22	CWE-22	Medium
Jboss EAP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-10862)	CVE-2018-10862 CWE-22	CWE-22	Medium
Jboss EAP Improper Neutralization of CRLF Sequences ('CRLF Injection') Vulnerability (CVE-2016-4993)	CVE-2016-4993 CWE-707	CWE-707	Medium
Jboss EAP Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') Vulnerability (CVE-2018-1067)	CVE-2018-1067 CWE-113	CWE-113	Medium
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0455)	CVE-2008-0455 CWE-707	CWE-707	Medium
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-2405)	CVE-2009-2405 CWE-707	CWE-707	Medium
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6495)	CVE-2013-6495 CWE-707	CWE-707	Medium
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-10934)	CVE-2018-10934 CWE-707	CWE-707	Medium
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-3872)	CVE-2019-3872 CWE-707	CWE-707	Medium
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-10219)	CVE-2019-10219 CWE-707	CWE-707	Medium
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-10688)	CVE-2020-10688 CWE-707	CWE-707	Medium
Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3536)	CVE-2021-3536 CWE-707	CWE-707	Medium
Jboss EAP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-14900)	CVE-2019-14900 CWE-138	CWE-138	Medium
Jboss EAP Improper Privilege Management Vulnerability (CVE-2019-14838)	CVE-2019-14838 CWE-269	CWE-269	Medium
Jboss EAP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2011-4610)	CVE-2011-4610 CWE-119	CWE-119	Medium
Jboss EAP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-5220)	CVE-2015-5220 CWE-119	CWE-119	Medium
Jboss EAP Improper Validation of Integrity Check Value Vulnerability (CVE-2023-48795)	CVE-2023-48795 CWE-354	CWE-354	Medium
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-2666)	CVE-2017-2666 CWE-444	CWE-444	Medium
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-10687)	CVE-2020-10687 CWE-444	CWE-444	Medium
Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-10719)	CVE-2020-10719 CWE-444	CWE-444	Medium
Jboss EAP Incorrect Authorization Vulnerability (CVE-2014-0169)	CVE-2014-0169 CWE-863	CWE-863	Medium
Jboss EAP Incorrect Authorization Vulnerability (CVE-2017-12196)	CVE-2017-12196 CWE-863	CWE-863	Medium
Jboss EAP Incorrect Authorization Vulnerability (CVE-2022-0866)	CVE-2022-0866 CWE-863	CWE-863	Medium
Jboss EAP Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2021-3642)	CVE-2021-3642		Medium
Jboss EAP Other Vulnerability (CVE-2020-1710)	CVE-2020-1710		Medium
Jboss EAP Other Vulnerability (CVE-2023-3628)	CVE-2023-3628		Medium
Jboss EAP Other Vulnerability (CVE-2023-3629)	CVE-2023-3629		Medium
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-0738)	CVE-2010-0738 CWE-264	CWE-264	Medium
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-1428)	CVE-2010-1428 CWE-264	CWE-264	Medium
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-1429)	CVE-2010-1429 CWE-264	CWE-264	Medium
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1484)	CVE-2011-1484 CWE-264	CWE-264	Medium
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-2196)	CVE-2011-2196 CWE-264	CWE-264	Medium
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1154)	CVE-2012-1154 CWE-264	CWE-264	Medium
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1167)	CVE-2012-1167 CWE-264	CWE-264	Medium
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3369)	CVE-2012-3369 CWE-264	CWE-264	Medium
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3370)	CVE-2012-3370 CWE-264	CWE-264	Medium
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4549)	CVE-2012-4549 CWE-264	CWE-264	Medium
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4550)	CVE-2012-4550 CWE-264	CWE-264	Medium
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5478)	CVE-2012-5478 CWE-264	CWE-264	Medium
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2133)	CVE-2013-2133 CWE-264	CWE-264	Medium
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0093)	CVE-2014-0093 CWE-264	CWE-264	Medium
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3464)	CVE-2014-3464 CWE-264	CWE-264	Medium
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3472)	CVE-2014-3472 CWE-264	CWE-264	Medium
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-7849)	CVE-2014-7849 CWE-264	CWE-264	Medium
Jboss EAP Resource Management Errors Vulnerability (CVE-2016-7046)	CVE-2016-7046		Medium
Jboss EAP Session Fixation Vulnerability (CVE-2021-20324)	CVE-2021-20324 CWE-384	CWE-384	Medium
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2014-0118)	CVE-2014-0118 CWE-400	CWE-400	Medium
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2016-8627)	CVE-2016-8627 CWE-400	CWE-400	Medium
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2020-14340)	CVE-2020-14340 CWE-400	CWE-400	Medium
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2020-25689)	CVE-2020-25689 CWE-400	CWE-400	Medium
Jboss EAP Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2011-2487)	CVE-2011-2487 CWE-327	CWE-327	Medium
JBoss status servlet information leak	CVE-2010-1429 CWE-200	CWE-200	Medium

Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-1849)

CVE-2015-1849

CWE-200

Medium

Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6311)

CVE-2016-6311

CWE-200

Medium

Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-7061)

CVE-2016-7061

CWE-200

Medium

Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-2582)

CVE-2017-2582

CWE-200

Medium

Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-12167)

CVE-2017-12167

CWE-200

Medium

Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-14642)

CVE-2018-14642

CWE-200

Medium

Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-14820)

CVE-2019-14820

CWE-200

Medium

Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-14885)

CVE-2019-14885

CWE-200

Medium

Jboss EAP Improper Access Control Vulnerability (CVE-2013-4213)

CVE-2013-4213

CWE-284

Medium

Jboss EAP Improper Authentication Vulnerability (CVE-2011-4085)

CVE-2011-4085

CWE-287

Medium

Jboss EAP Improper Authentication Vulnerability (CVE-2012-0874)

CVE-2012-0874

CWE-287

Medium

Jboss EAP Improper Authentication Vulnerability (CVE-2020-14299)

CVE-2020-14299

CWE-287

Medium

Jboss EAP Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-0248)

CVE-2014-0248

CWE-94

Medium

Jboss EAP Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-3518)

CVE-2014-3518

CWE-94

Medium

Jboss EAP Improper Input Validation Vulnerability (CVE-2010-1871)

CVE-2010-1871

CWE-20

Medium

Jboss EAP Improper Input Validation Vulnerability (CVE-2011-4314)

CVE-2011-4314

CWE-20

Medium

Jboss EAP Improper Input Validation Vulnerability (CVE-2011-4575)

CVE-2011-4575

CWE-20

Medium

Jboss EAP Improper Input Validation Vulnerability (CVE-2014-0034)

CVE-2014-0034

CWE-20

Medium

Jboss EAP Improper Input Validation Vulnerability (CVE-2018-1000873)

CVE-2018-1000873

CWE-20

Medium

Jboss EAP Improper Input Validation Vulnerability (CVE-2019-12400)

CVE-2019-12400

CWE-20

Medium

Jboss EAP Improper Input Validation Vulnerability (CVE-2020-1732)

CVE-2020-1732

CWE-20

Medium

Jboss EAP Improper Input Validation Vulnerability (CVE-2020-10693)

CVE-2020-10693

CWE-20

Medium

Jboss EAP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-2595)

CVE-2017-2595

CWE-22

Medium

Jboss EAP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-1047)

CVE-2018-1047

CWE-22

Medium

Jboss EAP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-10862)

CVE-2018-10862

CWE-22

Medium

Jboss EAP Improper Neutralization of CRLF Sequences ('CRLF Injection') Vulnerability (CVE-2016-4993)

CVE-2016-4993

CWE-707

Medium

Jboss EAP Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') Vulnerability (CVE-2018-1067)

CVE-2018-1067

CWE-113

Medium

Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0455)

CVE-2008-0455

CWE-707

Medium

Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-2405)

CVE-2009-2405

CWE-707

Medium

Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6495)

CVE-2013-6495

CWE-707

Medium

Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-10934)

CVE-2018-10934

CWE-707

Medium

Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-3872)

CVE-2019-3872

CWE-707

Medium

Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-10219)

CVE-2019-10219

CWE-707

Medium

Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-10688)

CVE-2020-10688

CWE-707

Medium

Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3536)

CVE-2021-3536

CWE-707

Medium

Jboss EAP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-14900)

CVE-2019-14900

CWE-138

Medium

Jboss EAP Improper Privilege Management Vulnerability (CVE-2019-14838)

CVE-2019-14838

CWE-269

Medium

Jboss EAP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2011-4610)

CVE-2011-4610

CWE-119

Medium

Jboss EAP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-5220)

CVE-2015-5220

CWE-119

Medium

Jboss EAP Improper Validation of Integrity Check Value Vulnerability (CVE-2023-48795)

CVE-2023-48795

CWE-354

Medium

Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-2666)

CVE-2017-2666

CWE-444

Medium

Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-10687)

CVE-2020-10687

CWE-444

Medium

Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-10719)

CVE-2020-10719

CWE-444

Medium

Jboss EAP Incorrect Authorization Vulnerability (CVE-2014-0169)

CVE-2014-0169

CWE-863

Medium

Jboss EAP Incorrect Authorization Vulnerability (CVE-2017-12196)

CVE-2017-12196

CWE-863

Medium

Jboss EAP Incorrect Authorization Vulnerability (CVE-2022-0866)

CVE-2022-0866

CWE-863

Medium

Jboss EAP Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2021-3642)

CVE-2021-3642

Medium

Jboss EAP Other Vulnerability (CVE-2020-1710)

CVE-2020-1710

Medium

Jboss EAP Other Vulnerability (CVE-2023-3628)

CVE-2023-3628

Medium

Jboss EAP Other Vulnerability (CVE-2023-3629)

CVE-2023-3629

Medium

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-0738)

CVE-2010-0738

CWE-264

Medium

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-1428)

CVE-2010-1428

CWE-264

Medium

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-1429)

CVE-2010-1429

CWE-264

Medium

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1484)

CVE-2011-1484

CWE-264

Medium

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-2196)

CVE-2011-2196

CWE-264

Medium

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1154)

CVE-2012-1154

CWE-264

Medium

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1167)

CVE-2012-1167

CWE-264

Medium

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3369)

CVE-2012-3369

CWE-264

Medium

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3370)

CVE-2012-3370

CWE-264

Medium

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4549)

CVE-2012-4549

CWE-264

Medium

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4550)

CVE-2012-4550

CWE-264

Medium

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5478)

CVE-2012-5478

CWE-264

Medium

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2133)

CVE-2013-2133

CWE-264

Medium

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0093)

CVE-2014-0093

CWE-264

Medium

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3464)

CVE-2014-3464

CWE-264

Medium

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3472)

CVE-2014-3472

CWE-264

Medium

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-7849)

CVE-2014-7849

CWE-264

Medium

Jboss EAP Resource Management Errors Vulnerability (CVE-2016-7046)

CVE-2016-7046

Medium

Jboss EAP Session Fixation Vulnerability (CVE-2021-20324)

CVE-2021-20324

CWE-384

Medium

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2014-0118)

CVE-2014-0118

CWE-400

Medium

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2016-8627)

CVE-2016-8627

CWE-400

Medium

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2020-14340)

CVE-2020-14340

CWE-400

Medium

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2020-25689)

CVE-2020-25689

CWE-400

Medium

Jboss EAP Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2011-2487)

CVE-2011-2487

CWE-327

Medium

JBoss status servlet information leak

CVE-2010-1429

CWE-200

Medium

Medium Severity Vulnerabilities

Severity

Vulnerability Categories

Still Have Questions?

Take action and discover your vulnerabilities