CVE-2015-5176 in JBoss Portalinfo

Summary

The PortletRequestDispatcher in PortletBridge, as used in Red Hat JBoss Portal 6.2.0, does not properly enforce the security constraints of servlets, which allows remote attackers to gain access to resources via a request that asks to render a non-JSF resource.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

07/01/2015

Disclosure

08/11/2015

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-17

CVSS

7.3

EPSS

0.00243

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-5176
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-5176
CVE Details	https://www.cvedetails.com/cve/CVE-2015-5176/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!