Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The storeFiles method in JPADriftServerBean in Red Hat JBoss Operations Network (JON) 3.1.2 allows local users to load arbitrary drift files into a server by writing the files to the temporary directory that is used to unpack zip files.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Red Hat JBoss Operations Network ‘storeFiles()’不安全临时目录创建漏洞
Vulnerability Description
Red Hat JBoss Operations Network(JON)是美国红帽(Red Hat)公司的一款基于J2EE的开源应用程序服务器,它可部署、管理、监控JBoss企业中间件、应用程序和服务。 Red Hat JON 3.1.2版本中的JPADriftServerBean中的‘storeFiles’方法创建临时目录过程中存在安全漏洞。当解压ZIP文件时,远程攻击者可通过写入文件到临时目录利用该漏洞加载任意drift文件到服务器。
CVSS Information
N/A
Vulnerability Type
N/A