Vulnerability Details CVE-2014-8115
The default authorization constrains in KIE Workbench 6.0.x allows remote authenticated users to read or write to arbitrary files, bypass intended access restrictions, and possibly have other unspecified impact via unknown vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.2%
CVSS Severity
CVSS v2 Score 6.5
References
- http://rhn.redhat.com/errata/RHSA-2015-0234.html
- http://rhn.redhat.com/errata/RHSA-2015-0235.html
- https://github.com/droolsjbpm/kie-wb-distributions/commit/90eed433d3
- http://rhn.redhat.com/errata/RHSA-2015-0234.html
- http://rhn.redhat.com/errata/RHSA-2015-0235.html
- https://github.com/droolsjbpm/kie-wb-distributions/commit/90eed433d3
Products affected by CVE-2014-8115
-
cpe:2.3:a:redhat:kie_workbench:6.0.0
-
cpe:2.3:a:redhat:kie_workbench:6.0.1