VDB
CVE-2009-5066
CVE-2009-5066
PUBLISHED
Reported by redhat · Published August 13, 2012
twiddle.sh in JBoss AS 5.0 and EAP 5.0 and earlier accepts credentials as command-line arguments, which allows local users to read the credentials by listing the process and its arguments.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, n/a |
Timeline
- Aug 13, 2012 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- [oss-security] 20120723 Re: CVE for JBOSS EAP 5.0(twiddle and jmx invocations) ? mailing-listx_refsource_MLIST
- x_refsource_MISC
- x_refsource_CONFIRM
- RHSA-2013:0192 vendor-advisoryx_refsource_REDHAT
- RHSA-2013:0198 vendor-advisoryx_refsource_REDHAT
- RHSA-2013:0195 vendor-advisoryx_refsource_REDHAT
- RHSA-2013:0221 vendor-advisoryx_refsource_REDHAT
- RHSA-2013:0196 vendor-advisoryx_refsource_REDHAT
- RHSA-2013:0193 vendor-advisoryx_refsource_REDHAT
- 51984 third-party-advisoryx_refsource_SECUNIA
- 52054 third-party-advisoryx_refsource_SECUNIA
- RHSA-2013:0191 vendor-advisoryx_refsource_REDHAT
- RHSA-2013:0533 vendor-advisoryx_refsource_REDHAT
- RHSA-2013:0197 vendor-advisoryx_refsource_REDHAT
- RHSA-2013:0194 vendor-advisoryx_refsource_REDHAT
- [oss-security] 20120720 CVE for JBOSS EAP 5.0(twiddle and jmx invocations) ? mailing-listx_refsource_MLIST