github - ghsa-7ff4-j347-7wj6

ghsa-7ff4-j347-7wj6

Vulnerability from github

Published

2022-05-17 04:14

Modified

2022-05-17 04:14

Details

The default authorization constrains in KIE Workbench 6.0.x allows remote authenticated users to read or write to arbitrary files, bypass intended access restrictions, and possibly have other unspecified impact via unknown vectors.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2014-8115"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-02-20T16:59:00Z",
    "severity": "MODERATE"
  },
  "details": "The default authorization constrains in KIE Workbench 6.0.x allows remote authenticated users to read or write to arbitrary files, bypass intended access restrictions, and possibly have other unspecified impact via unknown vectors.",
  "id": "GHSA-7ff4-j347-7wj6",
  "modified": "2022-05-17T04:14:49Z",
  "published": "2022-05-17T04:14:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8115"
    },
    {
      "type": "WEB",
      "url": "https://github.com/droolsjbpm/kie-wb-distributions/commit/90eed433d3"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-0234.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-0235.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cve-2014-8115

Vulnerability from cvelistv5

Published

2015-02-20 16:00

Modified

2024-08-06 13:10

Severity

Summary

The default authorization constrains in KIE Workbench 6.0.x allows remote authenticated users to read or write to arbitrary files, bypass intended access restrictions, and possibly have other unspecified impact via unknown vectors.

References

URL	Tags
http://rhn.redhat.com/errata/RHSA-2015-0234.html	vendor-advisory, x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2015-0235.html	vendor-advisory, x_refsource_REDHAT
https://github.com/droolsjbpm/kie-wb-distributions/commit/90eed433d3	x_refsource_CONFIRM

Impacted products

Vendor	Product
n/a	n/a

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:10:51.043Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2015:0234",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0234.html"
          },
          {
            "name": "RHSA-2015:0235",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0235.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/droolsjbpm/kie-wb-distributions/commit/90eed433d3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The default authorization constrains in KIE Workbench 6.0.x allows remote authenticated users to read or write to arbitrary files, bypass intended access restrictions, and possibly have other unspecified impact via unknown vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2015-02-20T15:57:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2015:0234",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-0234.html"
        },
        {
          "name": "RHSA-2015:0235",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-0235.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/droolsjbpm/kie-wb-distributions/commit/90eed433d3"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2014-8115",
    "datePublished": "2015-02-20T16:00:00",
    "dateReserved": "2014-10-10T00:00:00",
    "dateUpdated": "2024-08-06T13:10:51.043Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.