CVE-2014-8115

The default authorization constrains in KIE Workbench 6.0.x allows remote authenticated users to read or write to arbitrary files, bypass intended access restrictions, and possibly have other unspecified impact via unknown vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:P/I:P/A:P
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 44%
VendorProductVersion
redhatkie_workbench
6.0.0
redhatkie_workbench
6.0.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://rhn.redhat.com/errata/RHSA-2015-0234.html
http://rhn.redhat.com/errata/RHSA-2015-0235.html
https://github.com/droolsjbpm/kie-wb-distributions/commit/90eed433d3
http://rhn.redhat.com/errata/RHSA-2015-0234.html
http://rhn.redhat.com/errata/RHSA-2015-0235.html
https://github.com/droolsjbpm/kie-wb-distributions/commit/90eed433d3