ID |
CVE-2020-14317
|
Summary |
It was found that the issue for security flaw CVE-2019-3805 appeared again in a further version of JBoss Enterprise Application Platform - Continuous Delivery (EAP-CD) introducing regression. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing the init.d script to terminate any process as root. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 4.9 (as of 10-06-2021 - 19:34) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-364 |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
LOCAL |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE |
NONE |
COMPLETE |
|
cvss-vector
via4
|
AV:L/AC:L/Au:N/C:N/I:N/A:C
|
Last major update |
10-06-2021 - 19:34 |
Published |
02-06-2021 - 12:15 |
Last modified |
10-06-2021 - 19:34 |