Back to search
CVE-2013-0218
Published: Feb 5, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2013:0206
vendor-advisory
x_refsource_REDHAT
89698
vdb-entry
x_refsource_OSVDB
52041
third-party-advisory
x_refsource_SECUNIA
RHSA-2013:0833
vendor-advisory
x_refsource_REDHAT
RHSA-2013:0207
vendor-advisory
x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=903073
x_refsource_MISC
jboss-eap-info-disc(81725)
vdb-entry
x_refsource_XF
57652
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now