vulnerability
Red Hat JBoss EAP: CVE-2017-12189: Improper Ownership Management
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:N/C:P/I:P/A:P) | Jan 3, 2018 | Sep 19, 2024 | Jul 2, 2025 |
Severity
5
CVSS
(AV:L/AC:L/Au:N/C:P/I:P/A:P)
Published
Jan 3, 2018
Added
Sep 19, 2024
Modified
Jul 2, 2025
Description
It was discovered that the jboss init script as used in Red Hat JBoss Enterprise Application Platform 7.0.7.GA performed unsafe file handling which could result in local privilege escalation. This issue is a result of an incomplete fix for CVE-2016-8656.. It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation.
Solution
red-hat-jboss-eap-upgrade-latest
References
- CWE-282
- CVE-2017-12189
- https://attackerkb.com/topics/CVE-2017-12189
- URL-https://access.redhat.com/security/cve/CVE-2017-12189
- URL-https://bugzilla.redhat.com/show_bug.cgi?id=1499631
- URL-https://access.redhat.com/errata/RHSA-2018:0002
- URL-https://access.redhat.com/errata/RHSA-2018:0003
- URL-https://access.redhat.com/errata/RHSA-2018:0004
- URL-https://access.redhat.com/errata/RHSA-2018:0005
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.