CVE-2016-8627 in JBoss Enterprise Application Platforminfo

Summary

admin-cli before versions 3.0.0.alpha25, 2.2.1.cr2 is vulnerable to an EAP feature to download server log files that allows logs to be available via GET requests making them vulnerable to cross-origin attacks. An attacker could trigger the user's browser to request the log files consuming enough resources that normal server functioning could be impaired.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Responsible

Red Hat, Inc.

Reservation

10/12/2016

Disclosure

05/11/2018

Moderation

VulDB entry created

Entries

1: VDB-95800

CPE

ready

CWE

CWE-400 (Confirmed)

CVSS

5.4

EPSS

0.00801

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-8627
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-8627
CVE Details	https://www.cvedetails.com/cve/CVE-2016-8627/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!