#VU20035 Permissions, Privileges, and Access Controls in Wildfly
Vulnerability identifier: #VU20035
Vulnerability risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-264
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Wildfly
Server applications /
Frameworks for developing and running applications
Vendor: Red Hat Inc.
Description
The vulnerability allows a local user to perform denial of service attack.
The vulnerability exists due to insecure permissions for /var/run/jboss-eap/ file that allows any user with permissions to run init.d scripts to terminate arbitrary process by modifying its PID in /var/run/jboss-eap/.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Wildfly: 7.0.0 - 15.0.1
External links
http://access.redhat.com/errata/RHSA-2019:1106
http://access.redhat.com/errata/RHSA-2019:1107
http://access.redhat.com/errata/RHSA-2019:1108
http://access.redhat.com/errata/RHSA-2019:1140
http://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3805
http://security.netapp.com/advisory/ntap-20190517-0004/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
