CVE-2016-8627

admin-cli before versions 3.0.0.alpha25, 2.2.1.cr2 is vulnerable to an EAP feature to download server log files that allows logs to be available via GET requests making them vulnerable to cross-origin attacks. An attacker could trigger the user's browser to request the log files consuming enough resources that normal server functioning could be impaired.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:redhat:keycloak:-:*:*:*:*:*:*:*

Information

Published : 2018-05-11 06:29

Updated : 2019-10-09 16:20


NVD link : CVE-2016-8627

Mitre link : CVE-2016-8627


JSON object : View

CWE
CWE-400

Uncontrolled Resource Consumption

Advertisement

dedicated server usa

Products Affected

redhat

  • keycloak
  • jboss_enterprise_application_platform