Vulnerability Description
Jboss jbossas before versions 5.2.0-23, 6.4.13, 7.0.5 is vulnerable to an unsafe file handling in the jboss init script which could result in local privilege escalation.
CVSS Score
7.0
HIGH
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Redhat | Jboss Enterprise Application Platform | 5.0.0 |
Related Weaknesses (CWE)
References
- http://rhn.redhat.com/errata/RHSA-2017-0244.htmlVendor Advisory
- http://rhn.redhat.com/errata/RHSA-2017-0245.htmlVendor Advisory
- http://rhn.redhat.com/errata/RHSA-2017-0246.htmlVendor Advisory
- http://rhn.redhat.com/errata/RHSA-2017-0250.htmlVendor Advisory
- http://rhn.redhat.com/errata/RHSA-2017-0831.htmlVendor Advisory
- http://rhn.redhat.com/errata/RHSA-2017-0832.htmlVendor Advisory
- http://rhn.redhat.com/errata/RHSA-2017-0834.htmlVendor Advisory
- http://www.securityfocus.com/bid/96035Third Party AdvisoryVDB Entry
- https://access.redhat.com/errata/RHSA-2017:3454Vendor Advisory
- https://access.redhat.com/errata/RHSA-2017:3455Vendor Advisory
- https://access.redhat.com/errata/RHSA-2017:3458Vendor Advisory
- https://access.redhat.com/errata/RHSA-2018:1609Vendor Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8656Issue TrackingVendor Advisory
- http://rhn.redhat.com/errata/RHSA-2017-0244.htmlVendor Advisory
- http://rhn.redhat.com/errata/RHSA-2017-0245.htmlVendor Advisory
FAQ
What is CVE-2016-8656?
CVE-2016-8656 is a vulnerability with a CVSS score of 7.0 (HIGH). Jboss jbossas before versions 5.2.0-23, 6.4.13, 7.0.5 is vulnerable to an unsafe file handling in the jboss init script which could result in local privilege escalation.
How severe is CVE-2016-8656?
CVE-2016-8656 has been rated HIGH with a CVSS base score of 7.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-8656?
Check the references section above for vendor advisories and patch information. Affected products include: Redhat Jboss Enterprise Application Platform.