CVE-2013-4128 in Red Hat JBoss Enterprise Application Platforminfo

Summary

Red Hat JBoss Enterprise Application Platform (EAP) 6.1.0 does not properly cache EJB invocations by remote-naming, which allows remote attackers to hijack sessions by using a remoting client.

Reservation

06/12/2013

Disclosure

08/16/2013

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
9958Red Hat JBoss Enterprise Application Platform Remote-Naming Connection Cache config16UnprovenOfficial fixCVE-2013-4128

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

PreviousOverviewNext

Want to stay up to date on a daily basis?

Enable the mail alert feature now!