Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
JBoss SX and PicketBox, as used in Red Hat JBoss Enterprise Application Platform (EAP) before 6.2.3, use world-readable permissions on audit.log, which allows local users to obtain sensitive information by reading this file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Red Hat JBoss Enterprise Application Platform JBoss SX和PicketBox 本地信息泄露漏洞
Vulnerability Description
Red Hat JBoss Enterprise Application Platform(EAP)是美国红帽(Red Hat)公司的一套开源、基于J2EE的中间件平台,它主要用于构建、部署和托管Java应用程序与服务。JBoss SX是一个建立在Java身份验证和授权服务的顶层(JAAS)的安全框架;PicketBox是一个Java安全框架。 Red Hat JBoss EAP 6.2.3之前版本中使用的JBoss SX和PicketBox中存在安全漏洞,该漏洞源于程序为audit.log文件分配全局可
CVSS Information
N/A
Vulnerability Type
N/A