CVE-2013-4452

CWE-2645 documents5 sources

Severity

2.1LOW

EPSS

0.0%

top 85.28%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redhat Jboss Operations Network

Timeline

PublishedDec 24

Latest updateMay 17

Description

Red Hat JBoss Operations Network 3.1.2 uses world-readable permissions for the (1) server and (2) agent configuration files, which allows local users to obtain authentication credentials and other unspecified sensitive information by reading these files.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

▶NVDredhat/jboss_operations_network3.1.2

🔴Vulnerability Details

GHSA

GHSA-qm73-fq7q-3wmq: Red Hat JBoss Operations Network 3↗2022-05-17

▶

CVEList

CVE-2013-4452: Red Hat JBoss Operations Network 3↗2013-12-24

▶

📋Vendor Advisories

Red Hat

ON: World readable configuration files expose sensitive data↗2013-11-25

▶

💬Community

Bugzilla

CVE-2013-4452 JBoss ON: World readable configuration files expose sensitive data↗2013-10-22

▶