Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 15/12/2009 Updated: 17/08/2017

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Subscribe to Jboss Enterprise Application Platform

Twiddle in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 prior to 4.2.0.CP08 and 4.3 prior to 4.3.0.CP07 writes the JMX password, and other command-line arguments, to the twiddle.log file, which allows local users to obtain sensitive information by reading this file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat jboss enterprise application platform 4.2
redhat jboss enterprise application platform 4.2.0
redhat jboss enterprise application platform 4.2.2

CWE-200 https://rhn.redhat.com/errata/RHSA-2009-1636.html https://rhn.redhat.com/errata/RHSA-2009-1649.html https://bugzilla.redhat.com/show_bug.cgi?id=532111 https://rhn.redhat.com/errata/RHSA-2009-1650.html http://www.securityfocus.com/bid/37276 http://securitytracker.com/id?1023316 https://rhn.redhat.com/errata/RHSA-2009-1637.html http://secunia.com/advisories/37671 https://bugzilla.redhat.com/show_bug.cgi?id=539495 https://jira.jboss.org/jira/browse/JBPAPP-2872 http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/4.2.0.cp08/html-single/Release_Notes/index.html https://exchange.xforce.ibmcloud.com/vulnerabilities/54702 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2009-3554

Vulnerability Summary

References

Vulmon Search

About

Products

Connect