icon

We found results for “

CVE-2019-3805

Good to know:

Date: October 16, 2020

A flaw was discovered in wildfly versions up to 16.0.0.Final that would allow local users who are able to execute init.d script to terminate arbitrary processes on the system. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing the init.d script to terminate any process as root.

Language: Java

Severity Score

Severity Score

Weakness Type (CWE)

Improper Privilege Management

CWE-269

Top Fix

icon

Upgrade Version

CVSS v3.1

Base Score:
Attack Vector (AV): LOCAL
Attack Complexity (AC): HIGH
Privilegs Required (PR): LOW
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): NONE
Integrity (I): NONE
Availability (A): HIGH

CVSS v2

Base Score:
Access Vector (AV): LOCAL
Access Complexity (AC): MEDIUM
Authentication (AU): NONE
Confidentiality (C): NONE
Integrity (I): NONE
Availability (A): COMPLETE
Additional information:

Do you need more information?

Contact Us