CVE-2014-7810

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 14-05-2015 02:00

Last modified: - 14-05-2015 02:00

Total changes: - 12

Description

CVE-2014-7810 Tomcat/JbossWeb: security manager bypass via EL expressions

Common Vulnerability Scoring System (CVSS)

AV:N/AC:M/Au:N/C:P/I:P/A:N

Low

Attack complexity

Network

Attack vector

None

Availability

Low

Confidentiality

Low

Integrity

-

Privileges required

-

Scope

-

User interaction

5.8

Base score

Exploitability score

Impact score

Verification logic

OR

AND

product=Tomcat AND versionEndExcluding=6.0.24-94.el6_7

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=6

AND

product=Tomcat AND versionEndExcluding=7.0.54-8.el7_2

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=7

AND

product=Tomcat AND versionEndExcluding=6.0.41-15_patch_04.ep6.el5

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=2

AND

product=Tomcat AND versionEndExcluding=7.0.54-19_patch_04.ep6.el5

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=2

AND

product=Tomcat AND versionEndExcluding=6.0.41-15_patch_04.ep6.el6

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=2

AND

product=Tomcat AND versionEndExcluding=7.0.54-19_patch_04.ep6.el6

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=2

AND

product=Tomcat AND versionEndExcluding=6.0.41-15_patch_04.ep6.el7

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=2

AND

product=Tomcat AND versionEndExcluding=7.0.54-20_patch_04.ep6.el7

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=2

AND

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=2.1.0

AND

product=Tomcat AND version=

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=5

AND

product=jbossweb AND version=

vendor=Red Hat Enterprise Linux AND product=jboss_data_grid AND version=6

AND

product=jbossweb AND version=

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_application_platform AND version=6

AND

product=Tomcat AND version=

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=1

AND

product=jbossweb AND version=

vendor=Red Hat Enterprise Linux AND product=jboss_operations_network AND version=3

AND

product=jbossweb AND version=

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_portal_platform AND version=6

AND

product=jbossweb AND version=

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_soa_platform AND version=4

AND

product=jbossweb AND version=

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_soa_platform AND version=5

Reference

Keywords

REDHAT

CVE-2014-7810

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.