CVE-2012-3369 in JBoss Enterpriseinformazioni

Riassunto

di MITRE

The CallerIdentityLoginModule in JBoss Enterprise Application Platform (EAP) 5.2.0, Web Platform (EWP) 5.2.0, and BRMS Platform before 5.3.1 allows remote attackers to gain privileges of the previous user via a null password, which causes the previous user s password to be used.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

14/06/2012

Divulgazione

05/02/2013

Moderazione

accettato

Voce

VDB-7500

CPE

pronto

CWE

CWE-264 (confermato)

CVSS

4.0 (NVD)

EPSS

0.02685

KEV

Attività

molto basso

Settore

Industry, Pharma, ...

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-3369
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-3369
CVE Details	https://www.cvedetails.com/cve/CVE-2012-3369/

◂ Precedente Visione D'ensemble Il prossimo ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!