Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
EC2 Amazon Machine Image (AMI) in JBoss Enterprise Application Platform (EAP) 5.1.2 uses 755 permissions for /var/cache/jboss-ec2-eap/, which allows local users to read sensitive information such as Amazon Web Services (AWS) credentials by reading files in the directory.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
JBoss Enterprise Application Platform 权限许可和访问控制漏洞
Vulnerability Description
Red Hat JBoss Enterprise Application Platform(EAP)是美国红帽(Red Hat)公司的一套开源、基于J2EE的中间件平台。该平台主要用于构建、部署和托管Java应用程序与服务。 JBoss EAP 5.1.2版本中的EC2 Amazon Machine Image (AMI)中存在安全漏洞,该漏洞源于程序对/var/cache/jboss-ec2-eap/目录使用不安全的全局可读权限。本地攻击者可通过读取目录下的文件利用该漏洞读取敏感信息如Amazon We
CVSS Information
N/A
Vulnerability Type
N/A