Vulnerability Details : CVE-2014-8115
The default authorization constrains in KIE Workbench 6.0.x allows remote authenticated users to read or write to arbitrary files, bypass intended access restrictions, and possibly have other unspecified impact via unknown vectors.
Products affected by CVE-2014-8115
- cpe:2.3:a:redhat:kie_workbench:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:kie_workbench:6.0.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-8115
0.24%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 61 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-8115
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.5
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
8.0
|
6.4
|
NIST |
CWE ids for CVE-2014-8115
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-8115
-
http://rhn.redhat.com/errata/RHSA-2015-0234.html
RHSA-2015:0234 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
http://rhn.redhat.com/errata/RHSA-2015-0235.html
RHSA-2015:0235 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
https://github.com/droolsjbpm/kie-wb-distributions/commit/90eed433d3
BZ(1169544,1169556,1169557,1169559,1169560,1169545,1169566,1169565,11… · kiegroup/kie-wb-distributions@90eed43 · GitHub
Jump to