Lucene search

K
cve[email protected]CVE-2012-1100
HistoryFeb 14, 2014 - 3:55 p.m.

CVE-2012-1100

2014-02-1415:55:04
CWE-287
web.nvd.nist.gov
17
red hat
jboss
operations network
jon
ldap
authentication
remote attackers
cve-2012-1100

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

7.4

Confidence

Low

EPSS

0.003

Percentile

71.5%

Red Hat JBoss Operations Network (JON) 3.0.x before 3.0.1, 2.4.2, and earlier, when LDAP authentication is enabled and the LDAP bind account credentials are invalid, allows remote attackers to login to LDAP-based accounts via an arbitrary password in a login request.

Affected configurations

NVD
Node
redhatjboss_operations_networkRange2.4.1
OR
redhatjboss_operations_networkMatch2.0.0
OR
redhatjboss_operations_networkMatch2.0.1
OR
redhatjboss_operations_networkMatch2.1.0
OR
redhatjboss_operations_networkMatch2.2
OR
redhatjboss_operations_networkMatch2.3
OR
redhatjboss_operations_networkMatch2.3.1
OR
redhatjboss_operations_networkMatch2.4
OR
redhatjboss_operations_networkMatch3.0
VendorProductVersionCPE
redhatjboss_operations_network2.3cpe:/a:redhat:jboss_operations_network:2.3:::
redhatjboss_operations_network3.0cpe:/a:redhat:jboss_operations_network:3.0:::
redhatjboss_operations_network2.3.1cpe:/a:redhat:jboss_operations_network:2.3.1:::
redhatjboss_operations_network2.1.0cpe:/a:redhat:jboss_operations_network:2.1.0:::
redhatjboss_operations_network2.0.1cpe:/a:redhat:jboss_operations_network:2.0.1:::
redhatjboss_operations_network2.0.0cpe:/a:redhat:jboss_operations_network:2.0.0:::
redhatjboss_operations_network2.2cpe:/a:redhat:jboss_operations_network:2.2:::
redhatjboss_operations_network2.4cpe:/a:redhat:jboss_operations_network:2.4:::
redhatjboss_operations_networkcpe:/a:redhat:jboss_operations_network::::

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

7.4

Confidence

Low

EPSS

0.003

Percentile

71.5%

Related for CVE-2012-1100