CVE-2014-0248 — Vulnetix

Try Vulnetix Request Demo

CVE-2014-0248 PUBLISHED CVSS 6.800000190734863 MEDIUM

org.jboss.seam.web.AuthenticationFilter in Red Hat JBoss Web Framework Kit 2.5.0, JBoss Enterprise Application Platform (JBEAP) 5.2.0, and JBoss Enterprise Web Platform (JBEWP) 5.2.0 allows remote attackers to execute arbitrary code via a crafted authentication header, related to Seam logging.

EPSS 2.35% · 84.8th percentile

Risk Scores

CVSS v2.0

6.800000190734863

EPSS Score

2.35%

84.8th percentile

Affected Products

Vendor	Product	Versions
redhat	jboss_web_framework_kit	2.5.0
n/a	n/a	n/a
redhat	jboss_enterprise_web_platform	5.2.0
redhat	jboss_enterprise_application_platform	5.2.0

Timeline

Jul 7, 2014 CVE Published
Jan 4, 2018 CVE Updated
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 3, 2023 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 14, 2023 EPSS Score

References

59554 third-party-advisory
59555 third-party-advisory
59346 third-party-advisory
RHSA-2015:1888 vendor-advisory
RHSA-2014:0793 vendor-advisory
1030457 vdb
RHSA-2014:0785 vendor-advisory
RHSA-2014:0791 vendor-advisory
RHSA-2014:0792 vendor-advisory
RHSA-2014:0794 vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2014-0248 advisory
https://access.redhat.com/errata/RHSA-2014:0785 url
https://access.redhat.com/errata/RHSA-2014:0792 url
https://access.redhat.com/errata/RHSA-2014:0793 url
https://access.redhat.com/errata/RHSA-2014:0794 url
https://access.redhat.com/errata/RHSA-2015:1888 url
https://access.redhat.com/security/cve/CVE-2014-0248 url
https://bugzilla.redhat.com/show_bug.cgi?id=1101619 url

Open in Interactive Console →