What is CVE-2016-5422?

CVE-2016-5422 is a high-severity vulnerability in Redhat Jboss_operations_network, classified under CWE-264. CVSS score: 8.8/10. Published 2016-09-07.

How severe is CVE-2016-5422?

High severity. CVSS v3 base score is 8.8 out of 10.

Vulnerability in Redhat Jboss_operations_network

CVE-2016-5422

The web console in Red Hat JBoss Operations Network (JON) before 3.3.7 does not properly authorize requests to add users with the super user role, which allows remote authenticated users to gain admin privileges via a crafted POST request.

EPSS: 0.007 (73.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Redhat Jboss_operations_network
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

RHSA-2016:1785 (x_refsource_REDHAT, vendor-advisory, Patch, Vendor Advisory)
92722 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2016-5422?: CVE-2016-5422 is a high-severity vulnerability in Redhat Jboss_operations_network, classified under CWE-264. CVSS score: 8.8/10. Published 2016-09-07.
How severe is CVE-2016-5422?: High severity. CVSS v3 base score is 8.8 out of 10.