{"id":"CVE-2017-2595","details":"It was found that the log file viewer in Red Hat JBoss Enterprise Application 6 and 7 allows arbitrary file read to authenticated user via path traversal.","modified":"2026-03-15T22:15:46.576592Z","published":"2018-07-27T15:29:00.437Z","references":[{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2017-1409.html"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/98967"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:1548"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:1550"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:1552"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:3454"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:3458"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:1410"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:1411"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1038757"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2017-1551.html"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:1412"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:1549"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:3455"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:3456"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2595"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"6.0.0"}]},{"events":[{"introduced":"0"},{"last_affected":"6.4.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.1.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-2595.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}