Vulnerability Details CVE-2012-3427
EC2 Amazon Machine Image (AMI) in JBoss Enterprise Application Platform (EAP) 5.1.2 uses 755 permissions for /var/cache/jboss-ec2-eap/, which allows local users to read sensitive information such as Amazon Web Services (AWS) credentials by reading files in the directory.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.4%
CVSS Severity
CVSS v2 Score 2.1
References
- http://rhn.redhat.com/errata/RHSA-2012-1376.html
- http://secunia.com/advisories/51016
- http://www.osvdb.org/86409
- http://www.securityfocus.com/bid/55945
- https://exchange.xforce.ibmcloud.com/vulnerabilities/79398
- http://rhn.redhat.com/errata/RHSA-2012-1376.html
- http://secunia.com/advisories/51016
- http://www.osvdb.org/86409
- http://www.securityfocus.com/bid/55945
- https://exchange.xforce.ibmcloud.com/vulnerabilities/79398
Products affected by CVE-2012-3427
-
cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.1.2