Back to bug 1375757
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Pavel Polischouk | 2016-09-13 23:43:25 UTC | CC | security-response-team | |
| Pavel Polischouk | 2016-09-13 23:43:38 UTC | Blocks | 1350342 | |
| Edson Tirelli | 2016-09-27 14:25:29 UTC | CC | csadilek, eignatow, prego | |
| Christian Sadilek | 2016-09-27 16:01:13 UTC | Flags | needinfo?(pavelp) | |
| Pavel Polischouk | 2016-10-11 22:03:46 UTC | Flags | needinfo?(pavelp) | |
| Christian Sadilek | 2016-10-13 14:12:24 UTC | Status | NEW | MODIFIED |
| Pavel Polischouk | 2016-10-18 22:35:39 UTC | Status | MODIFIED | NEW |
| Pavel Polischouk | 2016-11-03 18:06:34 UTC | Doc Text | Drools Workbench contains the path traversal vulnerability. The vulnerability allows a remote authenticated attacker to bypass the directory restrictions and retrieve arbitrary files from the affected host. | |
| Doc Type | If docs needed, set a value | Bug Fix | ||
| Eric Christensen | 2016-11-07 19:43:10 UTC | Doc Text | Drools Workbench contains the path traversal vulnerability. The vulnerability allows a remote authenticated attacker to bypass the directory restrictions and retrieve arbitrary files from the affected host. | Drools Workbench contains the path traversal vulnerability. The vulnerability allows a remote, authenticated attacker to bypass the directory restrictions and retrieve arbitrary files from the affected host. |
| Pavel Polischouk | 2016-11-28 17:20:55 UTC | Whiteboard | impact=moderate,public=no,reported=20160626,source=internet,cvss2=6.8/AV:N/AC:L/Au:S/C:C/I:N/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,cwe=CWE-23,bpms-6/workbench=affected,brms-6/workbench=affected | impact=moderate,public=20161128,reported=20160626,source=internet,cvss2=6.8/AV:N/AC:L/Au:S/C:C/I:N/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,cwe=CWE-23,bpms-6/workbench=affected,brms-6/workbench=affected |
| Pavel Polischouk | 2016-11-28 17:21:01 UTC | Summary | EMBARGOED CVE-2016-7041 Drools Workbench: Path traversal vulnerability | CVE-2016-7041 Drools Workbench: Path traversal vulnerability |
| Pavel Polischouk | 2016-11-28 17:21:06 UTC | Group | security, qe_staff | |
| Martin Prpič | 2016-11-29 08:02:36 UTC | Whiteboard | impact=moderate,public=20161128,reported=20160626,source=internet,cvss2=6.8/AV:N/AC:L/Au:S/C:C/I:N/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,cwe=CWE-23,bpms-6/workbench=affected,brms-6/workbench=affected | impact=moderate,public=20161128,reported=20160626,source=researcher,cvss2=6.8/AV:N/AC:L/Au:S/C:C/I:N/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,cwe=CWE-23,bpms-6/workbench=affected,brms-6/workbench=affected |
| Martin Prpič | 2016-11-29 08:04:52 UTC | Whiteboard | impact=moderate,public=20161128,reported=20160626,source=researcher,cvss2=6.8/AV:N/AC:L/Au:S/C:C/I:N/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,cwe=CWE-23,bpms-6/workbench=affected,brms-6/workbench=affected | impact=moderate,public=20161128,reported=20160626,source=researcher,cvss2=6.8/AV:N/AC:L/Au:S/C:C/I:N/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,cwe=CWE-22,bpms-6/workbench=affected,brms-6/workbench=affected |
| Pavel Polischouk | 2016-12-08 21:36:58 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-12-08 16:36:58 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:56:12 UTC | Whiteboard | impact=moderate,public=20161128,reported=20160626,source=researcher,cvss2=6.8/AV:N/AC:L/Au:S/C:C/I:N/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,cwe=CWE-22,bpms-6/workbench=affected,brms-6/workbench=affected |
Back to bug 1375757