Local Privilege Escalation via Crafted Deployment in Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.0 and JBoss WildFly Application Server

Local Privilege Escalation via Crafted Deployment in Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.0 and JBoss WildFly Application Server

CVE-2014-0018 · LOW Severity

AV:L/AC:M/AU:N/C:N/I:P/A:N

Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.0 and JBoss WildFly Application Server, when run under a security manager, do not properly restrict access to the Modular Service Container (MSC) service registry, which allows local users to modify the server via a crafted deployment.

Learn more about our Cis Benchmark Audit For Server Software.