Jboss EAP Permissions Privileges and Access Controls Vulnerability - CVE-2014-0018 - Vulnerability Database

Jboss EAP Permissions Privileges and Access Controls Vulnerability - CVE-2014-0018

Low
Reference: CVE-2014-0018
Title: Jboss EAP Permissions Privileges and Access Controls Vulnerability
Overview:

Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.0 and JBoss WildFly Application Server when run under a security manager do not properly restrict access to the Modular Service Container (MSC) service registry which allows local users to modify the server via a crafted deployment.