Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown
CVE-2014-7849
Disclosure Date: February 13, 2015 (last updated October 05, 2023)
The Role Based Access Control (RBAC) implementation in JBoss Enterprise Application Platform (EAP) 6.2.0 through 6.3.2 does not properly verify authorization conditions, which allows remote authenticated users to add, modify, and undefine otherwise restricted attributes by leveraging the Maintainer role.
0