Home

CVE-2017-2595

Description

A vulnerability was found that the log file viewer in Red Hat JBoss Enterprise Application allows arbitrary file read to authenticated user via path traversal.

Risk Information

Base Score
6.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
1.106

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 6.0.0Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 6.4.0Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 7.0.0Windows
Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 7.1.0Windows
Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability (CVE-2017-2595)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234