VDB
CVE-2014-0248
CVE-2014-0248
PUBLISHED
CVSS 6.800000190734863 MEDIUM
org.jboss.seam.web.AuthenticationFilter in Red Hat JBoss Web Framework Kit 2.5.0, JBoss Enterprise Application Platform (JBEAP) 5.2.0, and JBoss Enterprise Web Platform (JBEWP) 5.2.0 allows remote attackers to execute arbitrary code via a crafted authentication header, related to Seam logging.
EPSS 2.65% · 86.0th percentile
Risk Scores
CVSS 2.0
6.800000190734863
EPSS Score
2.65%
86.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| redhat | jboss_web_framework_kit | 2.5.0 |
| n/a | n/a | n/a |
| redhat | jboss_enterprise_web_platform | 5.2.0 |
| redhat | jboss_enterprise_application_platform | 5.2.0 |
Exploit Intelligence
- 59554 (circl)
- 59555 (circl)
- 59346 (circl)
- RHSA-2015:1888 (circl)
- RHSA-2014:0793 (circl)
- 1030457 (circl)
- RHSA-2014:0785 (circl)
- RHSA-2014:0791 (circl)
- RHSA-2014:0792 (circl)
- RHSA-2014:0794 (circl)
Timeline
- Jul 7, 2014 CVE Published
- Jan 4, 2018 CVE Updated
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 3, 2023 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 14, 2023 EPSS Score
References
- 59554 third-party-advisory
- 59555 third-party-advisory
- 59346 third-party-advisory
- RHSA-2015:1888 vendor-advisory
- RHSA-2014:0793 vendor-advisory
- 1030457 vdb
- RHSA-2014:0785 vendor-advisory
- RHSA-2014:0791 vendor-advisory
- RHSA-2014:0792 vendor-advisory
- RHSA-2014:0794 vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2014-0248 advisory
- https://access.redhat.com/errata/RHSA-2014:0785 url
- https://access.redhat.com/errata/RHSA-2014:0792 url
- https://access.redhat.com/errata/RHSA-2014:0793 url
- https://access.redhat.com/errata/RHSA-2014:0794 url
- https://access.redhat.com/errata/RHSA-2015:1888 url
- https://access.redhat.com/security/cve/CVE-2014-0248 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1101619 url