6.8 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
71.2%
Red Hat JBoss Operations Network (JON) before 2.4.2 and 3.0.x before 3.0.1 does not check the JON agent key, which allows remote attackers to spoof the identity of arbitrary agents via the registered agent name.
rhn.redhat.com/errata/RHSA-2012-0089.html
rhn.redhat.com/errata/RHSA-2012-0406.html
bugzilla.redhat.com/show_bug.cgi?id=781964