CVE-2012-4550 in Red Hat JBoss Enterprise Application Platforminformation

Résumé (Anglaise)

JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) before 6.0.1, when using role-based authorization for Enterprise Java Beans (EJB) access, does not call the intended authorization modules, which prevents JACC permissions from being applied and allows remote attackers to obtain access to the EJB.

Réserver

24/01/2008

Divulgation

04/01/2013

Entrées

VulDB provides additional information and datapoints for this CVE:

ID	Vulnérabilité	CWE	Exp	Con	CVE
7187	Red Hat JBoss Enterprise Application Platform mod_negotiation processInvocation élévation de privilèges	264	Preuve de concept	Correctif officiel	CVE-2012-4550

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

◂ PrécédentAperçuSuivant ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!