Unrated severityNVD Advisory· Published Nov 20, 2014· Updated Jun 17, 2026
CVE-2014-9000
CVE-2014-9000
Description
Mule Enterprise Management Console (MMC) does not properly restrict access to handler/securityService.rpc, which allows remote authenticated users to gain administrator privileges and execute arbitrary code via a crafted request that adds a new user. NOTE: this issue was originally reported for ESB Runtime 3.5.1, but it originates in MMC.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:mulesoft:mule_enterprise_management_console:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mulesoft:mule_enterprise_management_console:-:*:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.