#VU20035 Permissions, Privileges, and Access Controls in Wildfly - CVE-2019-3805
Vulnerability identifier: #VU20035
Vulnerability risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID:
CWE-ID:
CWE-264
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Wildfly
Server applications /
Frameworks for developing and running applications
Vendor: Red Hat Inc.
Description
The vulnerability allows a local user to perform denial of service attack.
The vulnerability exists due to insecure permissions for /var/run/jboss-eap/ file that allows any user with permissions to run init.d scripts to terminate arbitrary process by modifying its PID in /var/run/jboss-eap/.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Wildfly: 7.0.0 - 15.0.1
External links
https://access.redhat.com/errata/RHSA-2019:1106
https://access.redhat.com/errata/RHSA-2019:1107
https://access.redhat.com/errata/RHSA-2019:1108
https://access.redhat.com/errata/RHSA-2019:1140
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3805
https://security.netapp.com/advisory/ntap-20190517-0004/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
