Local Privilege Escalation via Crafted Deployment in Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.0 and JBoss WildFly Application Server
CVE-2014-0018 · LOW Severity
AV:L/AC:M/AU:N/C:N/I:P/A:N
Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.0 and JBoss WildFly Application Server, when run under a security manager, do not properly restrict access to the Modular Service Container (MSC) service registry, which allows local users to modify the server via a crafted deployment.
Learn more about our Cis Benchmark Audit For Server Software.