|Date: (C)2012-08-13 (M)2015-12-16|
|CVSS Score: 2.1||Access Vector: LOCAL|
|Exploitability Subscore: 3.9||Access Complexity: LOW|
|Impact Subscore: 2.9||Authentication: NONE|
| ||Confidentiality: PARTIAL|
| ||Integrity: NONE|
| ||Availability: NONE|
twiddle.sh in JBoss AS 5.0 and EAP 5.0 and earlier accepts credentials as command-line arguments, which allows local users to read the credentials by listing the process and its arguments.