CVE-2020-14317

MEDIUM Year: 2020
CVSS v3 Score
5.5
Medium
CVSS v2 Score
4.9
Medium
Weakness Type
CWE-364
View all →

Vulnerability Description

It was found that the issue for security flaw CVE-2019-3805 appeared again in a further version of JBoss Enterprise Application Platform - Continuous Delivery (EAP-CD) introducing regression. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing the init.d script to terminate any process as root.

Related Vulnerabilities

CVE-2019-3805

MEDIUM
CVSS:5.5(Medium)

A flaw was discovered in wildfly versions up to 16.0.0.Final that would allow local users who are able to execute init.d script to terminate arbitrary processes on the system. An attacker could exploi...

CWE-3642019

CVE-2023-1285

MEDIUM
CVSS:5.9(Medium)

Signal Handler Race Condition vulnerability in Mitsubishi Electric India GC-ENET-COM whose first 2 digits of 11-digit serial number of unit are "16" allows a remote unauthenticated attacker to cause a...

CWE-3642023

CVE-2023-5676

MEDIUM
CVSS:5.9(Medium)

In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the ...

CWE-3642023

CVE-2025-4598

MEDIUM
CVSS:4.7(Medium)

A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump,...

CWE-3642025

CVE-2024-6409

HIGH
CVSS:7.0(High)

A race condition vulnerability was discovered in how signals are handled by OpenSSH's server (sshd). If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler is...

CWE-3642024

CVE-2024-6387

HIGH
CVSS:8.1(High)

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote at...

CWE-3642024