Vulnerabilities > CVE-2019-14841 - Improper Preservation of Permissions vulnerability in Redhat Decision Manager and Process Automation

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

redhat

CWE-281

NVD

Published: 2022-10-17

Updated: 2022-10-19

Summary

A flaw was found in the RHDM, where an authenticated attacker can change their assigned role in the response header. This flaw allows an attacker to gain admin privileges in the Business Central Console.

Vulnerable Configurations

Part	Description	Count
Application	Redhat Redhat Decision Manager 7.0 Redhat Process Automation 7.0	2

Common Weakness Enumeration (CWE)

CWE-281 - Improper Preservation of Permissions

References

https://bugzilla.redhat.com/show_bug.cgi?id=1744801
https://access.redhat.com/security/cve/CVE-2019-14841