CVE-2010-0737
moderate-risk
Published 2019-10-30
A missing permission check was found in The CLI in JBoss Operations Network before 2.3.1 does not properly check permissions, which allows JBoss ON users to perform management tasks and configuration changes with the privileges of the administrator user.
Do I need to act?
-
0.13% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.0/10
High
ADJACENT_NETWORK
/ LOW complexity
Affected Products (1)
Affected Vendors
References (2)
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0737
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0737
31
/ 100
moderate-risk
Severity
25/34 · High
Exploitability
1/34 · Minimal
Exposure
5/34 · Minimal