VYPR
Unrated severityNVD Advisory· Published Feb 5, 2013· Updated Jun 16, 2026

CVE-2013-0218

CVE-2013-0218

Description

The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.1.2:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.2.0:*:*:*:*:*:*:*
    • (no CPE)range: <=5.2.0
  • cpe:2.3:a:redhat:jboss_enterprise_web_platform:5.1.2:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:redhat:jboss_enterprise_web_platform:5.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:jboss_enterprise_web_platform:5.2.0:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.