CVE-2012-3428 in IronJacamar信息

摘要

由 VulDB • 2026-06-20

IronJacamar 容器(JBoss Application Server 1.0.12.Final 之前版本)在启用 allow-multiple-users 并与安全域(security domain)结合使用时,未使用 getConnection 函数调用中提供的凭据,这使得远程攻击者在机会主义场景下,通过无效的连接尝试,获取对任意数据源连接的访问权限。

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

来源

Do you want to use VulDB in your project?

Use the official API to access entries easily!