VDB
CVE-2016-8656
CVE-2016-8656
PUBLISHED
CVSS 7 HIGH
Reported by redhat · Published May 22, 2018
Jboss jbossas before versions 5.2.0-23, 6.4.13, 7.0.5 is vulnerable to an unsafe file handling in the jboss init script which could result in local privilege escalation.
Risk Scores
CVSS 3.0
7
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| jboss | jbossas | jbossas 5.2.0-23, jbossas 6.4.13, jbossas 7.0.5 |
| jboss | jbossas | jbossas 5.2.0-23, jbossas 6.4.13, jbossas 7.0.5 |
Timeline
- May 22, 2018 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 13, 2022 CVE Updated
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
References
- RHSA-2017:0250 vendor-advisoryx_refsource_REDHAT
- RHSA-2017:0831 vendor-advisoryx_refsource_REDHAT
- RHSA-2017:0834 vendor-advisoryx_refsource_REDHAT
- RHSA-2017:3458 vendor-advisoryx_refsource_REDHAT
- RHSA-2018:1609 vendor-advisoryx_refsource_REDHAT
- RHSA-2017:0832 vendor-advisoryx_refsource_REDHAT
- x_refsource_CONFIRM
- 96035 vdb-entryx_refsource_BID
- RHSA-2017:0244 vendor-advisoryx_refsource_REDHAT
- RHSA-2017:0246 vendor-advisoryx_refsource_REDHAT
- RHSA-2017:3455 vendor-advisoryx_refsource_REDHAT
- RHSA-2017:3454 vendor-advisoryx_refsource_REDHAT
- RHSA-2017:0245 vendor-advisoryx_refsource_REDHAT