Sensitive Information Disclosure in JBoss EAP 5.1.2 AMI due to Insecure Permissions
CVE-2012-3427 · LOW Severity
AV:L/AC:L/AU:N/C:P/I:N/A:N
EC2 Amazon Machine Image (AMI) in JBoss Enterprise Application Platform (EAP) 5.1.2 uses 755 permissions for /var/cache/jboss-ec2-eap/, which allows local users to read sensitive information such as Amazon Web Services (AWS) credentials by reading files in the directory.
Learn more about our Cis Benchmark Audit For Amazon Web Services.