CVE-2016-8656
CVE-2016-8656
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Lifecycle
22 May 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Jboss jbossas before versions 5.2.0-23, 6.4.13, 7.0.5 is vulnerable to an unsafe file handling in the jboss init script which could result in local privilege escalation.
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
jboss · jbossasReferences
http://rhn.redhat.com/errata/RHSA-2017-0244.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0245.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0246.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0250.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0831.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0832.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0834.htmlhttps://access.redhat.com/errata/RHSA-2017:3454https://access.redhat.com/errata/RHSA-2017:3455https://access.redhat.com/errata/RHSA-2017:3458https://access.redhat.com/errata/RHSA-2018:1609https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8656