#VU408 Information disclosure in JBoss BRMS - CVE-2016-4993

Cybersecurity Help s.r.o.

Published: 2016-09-12 | Updated: 2017-03-06

Vulnerability identifier: #VU408

Vulnerability risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2016-4993

CWE-ID: CWE-200

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
JBoss BRMS
Web applications / Remote management & hosting panels

Vendor: Red Hat Inc.

Description

The disclosed vulnerability allows a remote attacker to disclose potentially sensitive data.

The vulnerability is caused by a parsing error when handling specially crafted URLs. A remote attacker can trigger the application to return a split query, which can lead to content spoofing and cache poisoning attacks.

Successful exploitation of this vulnerability may allow a remote attacker to get access to potentially sensitive information or perform phishing attacks.

Mitigation
Update to 7.0.2.

Vulnerable software versions

JBoss BRMS: 6.3.2

External links
https://rhn.redhat.com/errata/RHSA-2016-1838.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Red Hat JBoss Enterprise Application Platform

Information disclosure in Red Hat JBoss