CVE-2019-3805

low-risk

Published 2019-05-03

A flaw was discovered in wildfly versions up to 16.0.0.Final that would allow local users who are able to execute init.d script to terminate arbitrary processes on the system. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing the init.d script to terminate any process as root.

Do I need to act?

0.08% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 4.7/10 Medium

LOCAL / HIGH complexity

Affected Products (3)

Jboss Enterprise Application Platform

Wildfly

Affected Vendors

Redhat

References (16)

Vendor Advisory https://access.redhat.com/errata/RHSA-2019:1106

Vendor Advisory https://access.redhat.com/errata/RHSA-2019:1107

Vendor Advisory https://access.redhat.com/errata/RHSA-2019:1108

Vendor Advisory https://access.redhat.com/errata/RHSA-2019:1140

Vendor Advisory https://access.redhat.com/errata/RHSA-2019:2413

Vendor Advisory https://access.redhat.com/errata/RHSA-2020:0727

Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3805

Third Party Advisory https://security.netapp.com/advisory/ntap-20190517-0004/

Vendor Advisory https://access.redhat.com/errata/RHSA-2019:1106

Vendor Advisory https://access.redhat.com/errata/RHSA-2019:1107

Vendor Advisory https://access.redhat.com/errata/RHSA-2019:1108

Vendor Advisory https://access.redhat.com/errata/RHSA-2019:1140

Vendor Advisory https://access.redhat.com/errata/RHSA-2019:2413

Vendor Advisory https://access.redhat.com/errata/RHSA-2020:0727

Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3805

Third Party Advisory https://security.netapp.com/advisory/ntap-20190517-0004/

/ 100

low-risk

Severity 12/34 · Low

Exploitability 0/34 · Minimal

Exposure 9/34 · Low