[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253562

 
 

909

 
 

197267

 
 

282

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2015-5304Date: (C)2015-12-21   (M)2023-12-22


Red Hat JBoss Enterprise Application Platform (EAP) before 6.4.5 does not properly authorize access to shut down the server, which allows remote authenticated users with the Monitor, Deployer, or Auditor role to cause a denial of service via unspecified vectors.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 3.5
Exploit Score: 6.8
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: SINGLE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
SECTRACK-1034280
RHSA-2015:2538
RHSA-2015:2539
RHSA-2015:2540
RHSA-2015:2541
RHSA-2015:2542
https://bugzilla.redhat.com/show_bug.cgi?id=1273046

CWE    1
CWE-264

© SecPod Technologies