Vulnerability Details CVE-2012-0032
Red Hat JBoss Operations Network (JON) before 3.0.1 uses 0777 permissions for the root directory when installing a remote client, which allows local users to read or modify subdirectories and files within the root directory, as demonstrated by obtaining JON credentials.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 11.8%
CVSS Severity
CVSS v2 Score 3.7
References
Products affected by CVE-2012-0032
-
cpe:2.3:a:redhat:jboss_operations_network:1.0.0
-
cpe:2.3:a:redhat:jboss_operations_network:2.0.0
-
cpe:2.3:a:redhat:jboss_operations_network:2.0.1
-
cpe:2.3:a:redhat:jboss_operations_network:2.1.0
-
cpe:2.3:a:redhat:jboss_operations_network:2.1.2
-
cpe:2.3:a:redhat:jboss_operations_network:2.2
-
cpe:2.3:a:redhat:jboss_operations_network:2.3
-
cpe:2.3:a:redhat:jboss_operations_network:2.3.1
-
cpe:2.3:a:redhat:jboss_operations_network:2.4
-
cpe:2.3:a:redhat:jboss_operations_network:2.4.1
-
cpe:2.3:a:redhat:jboss_operations_network:2.4.2
-
cpe:2.3:a:redhat:jboss_operations_network:3.0