CVE-2014-0093
Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.2, when using a Java Security Manager (JSM), does not properly apply permissions defined by a policy file, which causes applications to be granted the java.security.AllPermission permission and allows remote attackers to bypass intended access restrictions.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0028 (0.3%)
Percentil: 51.2%
EPSS: 2026-05-06
Afecta
redhat:jboss_enterprise_application_platformDescripción técnica
Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.2, when using a Java Security Manager (JSM), does not properly apply permissions defined by a policy file, which causes applications to be granted the java.security.AllPermission permission and allows remote attackers to bypass intended access restrictions.
Publicada: 3/4/2014, 16:15:12
Última modificación: 6/5/2026, 22:30:45
Referencias
- http://rhn.redhat.com/errata/RHSA-2014-0343.html
- http://rhn.redhat.com/errata/RHSA-2014-0344.html
- http://rhn.redhat.com/errata/RHSA-2014-0345.html
- http://secunia.com/advisories/57675
- http://www.securityfocus.com/bid/66596
- http://rhn.redhat.com/errata/RHSA-2014-0343.html
- http://rhn.redhat.com/errata/RHSA-2014-0344.html
- http://rhn.redhat.com/errata/RHSA-2014-0345.html