CVE-2011-2908 in JBoss Enterpriseinfo

Summary

Cross-site request forgery (CSRF) vulnerability in the JMX Console (jmx-console) in JBoss Enterprise Portal Platform before 5.2.2, BRMS Platform 5.3.0 before roll up patch1, and SOA Platform 5.3.0 allows remote authenticated users to hijack the authentication of arbitrary users for requests that perform operations on MBeans and possibly execute arbitrary code via unspecified vectors.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

07/27/2011

Disclosure

11/23/2012

Moderation

VulDB entry created

Entries

1: VDB-5930

CPE

ready

CWE

CWE-352 (Confirmed)

CVSS

5.5

EPSS

0.00717

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-2908
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-2908
CVE Details	https://www.cvedetails.com/cve/CVE-2011-2908/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!