vulnerability
Red Hat JBoss EAP: CVE-2018-14371: Path Traversal
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:P/I:N/A:N) | Jul 18, 2018 | Sep 19, 2024 | Jul 2, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
Jul 18, 2018
Added
Sep 19, 2024
Modified
Jul 2, 2025
Description
The getLocalePrefix function in ResourceManager.java in Eclipse Mojarra before 2.3.7 is affected by Directory Traversal via the loc parameter. A remote attacker can download configuration files or Java bytecodes from applications.
Solution
red-hat-jboss-eap-upgrade-latest
References
- CWE-22
- CVE-2018-14371
- https://attackerkb.com/topics/CVE-2018-14371
- URL-https://access.redhat.com/security/cve/CVE-2018-14371
- URL-https://bugzilla.redhat.com/show_bug.cgi?id=1607709
- URL-https://access.redhat.com/errata/RHSA-2020:2062
- URL-https://access.redhat.com/errata/RHSA-2020:2063
- URL-https://access.redhat.com/errata/RHSA-2020:2511
- URL-https://access.redhat.com/errata/RHSA-2020:2512
- URL-https://access.redhat.com/errata/RHSA-2020:2513
- URL-https://access.redhat.com/errata/RHSA-2020:2515
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.