Red Hat JBoss EAP: CVE-2016-8627: Uncontrolled Resource Consumption

Severity: 4
CVSS: (AV:N/AC:M/Au:N/C:N/I:N/A:P)
Published: Jan 18, 2017
Added: Sep 19, 2024
Modified: Jul 2, 2025

Description

In admin-cli before versions 3.0.0.alpha25 and 2.2.1.cr2, an EAP feature to download server log files makes the logs available via GET requests, which exposes them to cross-origin attacks. An attacker could trigger the user's browser to request the log files, consuming enough resources that normal server functioning could be impaired.

Solution

red-hat-jboss-eap-upgrade-latest