What is the severity of CVE-2017-2595?

CVE-2017-2595 is classified as a medium severity vulnerability due to its ability to allow arbitrary file read by authenticated users.

Which software versions are affected by CVE-2017-2595?

CVE-2017-2595 affects Red Hat JBoss Enterprise Application Platform versions 6.0.0, 6.4.0, 7.0.0, and 7.1.0.

How do I mitigate CVE-2017-2595?

To mitigate CVE-2017-2595, it is recommended to upgrade to the latest patched versions of Red Hat JBoss Enterprise Application Platform.

What kind of attack does CVE-2017-2595 enable?

CVE-2017-2595 enables an authenticated attacker to perform path traversal attacks, potentially allowing access to sensitive files.

Is CVE-2017-2595 present in Red Hat Enterprise Linux?

CVE-2017-2595 does not apply to Red Hat Enterprise Linux versions 6.0 and 7.0, as those are not vulnerable.

Vulnerability/
CVE-2017-2595

high

7.7

CWE

13/1/2017

27/7/2018

5/8/2024

CVE-2017-2595: Path Traversal

First published: Fri Jan 13 2017(Updated: )

It was found that the log file viewer in Red Hat JBoss Enterprise Application 6 and 7 allows arbitrary file read to authenticated user via path traversal.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
Red Hat JBoss Enterprise Application Platform	=6.0.0
Red Hat JBoss Enterprise Application Platform	=6.4.0
Red Hat JBoss Enterprise Application Platform	=7.0.0
Red Hat JBoss Enterprise Application Platform	=7.1.0
Red Hat Enterprise Linux	=6.0
Red Hat Enterprise Linux	=7.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-2595?
CVE-2017-2595 is classified as a medium severity vulnerability due to its ability to allow arbitrary file read by authenticated users.
Which software versions are affected by CVE-2017-2595?
CVE-2017-2595 affects Red Hat JBoss Enterprise Application Platform versions 6.0.0, 6.4.0, 7.0.0, and 7.1.0.
How do I mitigate CVE-2017-2595?
To mitigate CVE-2017-2595, it is recommended to upgrade to the latest patched versions of Red Hat JBoss Enterprise Application Platform.
What kind of attack does CVE-2017-2595 enable?
CVE-2017-2595 enables an authenticated attacker to perform path traversal attacks, potentially allowing access to sensitive files.
Is CVE-2017-2595 present in Red Hat Enterprise Linux?
CVE-2017-2595 does not apply to Red Hat Enterprise Linux versions 6.0 and 7.0, as those are not vulnerable.

agent/type
agent/first-publish-date
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2017-2595
agent/references
agent/author
agent/description
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/event
agent/source
agent/weakness
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/redhat
canonical/red hat jboss enterprise application platform
version/red hat jboss enterprise application platform/6.0.0
version/red hat jboss enterprise application platform/6.4.0
version/red hat jboss enterprise application platform/7.0.0
version/red hat jboss enterprise application platform/7.1.0
canonical/red hat enterprise linux
version/red hat enterprise linux/6.0
version/red hat enterprise linux/7.0

Frequently Asked Questions

What is the severity of CVE-2017-2595?
CVE-2017-2595 is classified as a medium severity vulnerability due to its ability to allow arbitrary file read by authenticated users.
Which software versions are affected by CVE-2017-2595?
CVE-2017-2595 affects Red Hat JBoss Enterprise Application Platform versions 6.0.0, 6.4.0, 7.0.0, and 7.1.0.
How do I mitigate CVE-2017-2595?
To mitigate CVE-2017-2595, it is recommended to upgrade to the latest patched versions of Red Hat JBoss Enterprise Application Platform.
What kind of attack does CVE-2017-2595 enable?
CVE-2017-2595 enables an authenticated attacker to perform path traversal attacks, potentially allowing access to sensitive files.
Is CVE-2017-2595 present in Red Hat Enterprise Linux?
CVE-2017-2595 does not apply to Red Hat Enterprise Linux versions 6.0 and 7.0, as those are not vulnerable.

CVE-2017-2595: Path Traversal

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-2595?

Which software versions are affected by CVE-2017-2595?

How do I mitigate CVE-2017-2595?

What kind of attack does CVE-2017-2595 enable?

Is CVE-2017-2595 present in Red Hat Enterprise Linux?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2017-2595?

Which software versions are affected by CVE-2017-2595?

How do I mitigate CVE-2017-2595?

What kind of attack does CVE-2017-2595 enable?

Is CVE-2017-2595 present in Red Hat Enterprise Linux?