Lucene search
HistoryFeb 14, 2014 - 3:55 p.m.
CVE-2012-1100
red hat
jboss
operations network
jon
ldap
authentication
remote attackers
cve-2012-1100
5.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
7.4 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
71.6%
Red Hat JBoss Operations Network (JON) 3.0.x before 3.0.1, 2.4.2, and earlier, when LDAP authentication is enabled and the LDAP bind account credentials are invalid, allows remote attackers to login to LDAP-based accounts via an arbitrary password in a login request.
Affected configurations
Node
redhatjboss_operations_networkRange≤2.4.1
ORredhatjboss_operations_networkMatch2.0.0
ORredhatjboss_operations_networkMatch2.0.1
ORredhatjboss_operations_networkMatch2.1.0
ORredhatjboss_operations_networkMatch2.2
ORredhatjboss_operations_networkMatch2.3
ORredhatjboss_operations_networkMatch2.3.1
ORredhatjboss_operations_networkMatch2.4
ORredhatjboss_operations_networkMatch3.0
Related
nvd
nvd
CVE-2012-1100
2014-02-14 15:55:04
prion
prion
Design/Logic Flaw
2014-02-14 15:55:00
cvelist
cvelist
CVE-2012-1100
2014-02-14 15:00:00
5.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
7.4 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
71.6%
Related for CVE-2012-1100