VDB

RHSA-2013%3A0207

RHSA-2013%3A0207 PUBLISHED CVSS 2.0999999046325684 LOW

The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file.

Risk Scores

CVSS 2.0
2.0999999046325684

Affected Products

VendorProductVersions
Red HatRed Hat JBoss Web Platform 5.2

Timeline

  • Jan 30, 2013 CVE Published
  • Jan 28, 2026 CVE Updated
  • Apr 29, 2026 Distribution Patch
  • Apr 29, 2026 Distribution Patch
  • Apr 29, 2026 Security Advisory
  • Apr 29, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›