CVE-2016-7041

Published: Sep 10, 2018

Modified: Aug 6, 2024

PUBLISHED

CVSS v3.0

6.5

MEDIUM

Description

Drools Workbench contains a path traversal vulnerability. The vulnerability allows a remote, authenticated attacker to bypass the directory restrictions and retrieve arbitrary files from the affected host.

Vendor	Product	Versions
Red Hat	Drools Workbench	affected `n/a`

Weaknesses (CWE)

CWE-22

CVSS v3.0 Details

CVSS v3.0 Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

References

RHSA-2016:2937

vendor-advisory

x_refsource_REDHAT

RHSA-2016:2938

vendor-advisory

x_refsource_REDHAT

94566

vdb-entry

x_refsource_BID

RHSA-2016:2822

vendor-advisory

x_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7041

x_refsource_CONFIRM

1037406

vdb-entry

x_refsource_SECTRACK

RHSA-2016:2823

vendor-advisory

x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-7041

Description

Affected Products

Weaknesses (CWE)

CVSS v3.0 Details

References