Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistRedhatCVELIST:CVE-2012-3428
HistoryDec 20, 2012 - 11:00 a.m.

CVE-2012-3428

2012-12-2011:00:00
redhat
www.cve.org
3

AI Score

6.6

Confidence

Low

EPSS

0.008

Percentile

81.4%

JSON

The IronJacamar container before 1.0.12.Final for JBoss Application Server, when allow-multiple-users is enabled in conjunction with a security domain, does not use the credentials supplied in a getConnection function call, which allows remote attackers to obtain access to an arbitrary datasource connection in opportunistic circumstances via an invalid connection attempt.

Related

prion 1
osv 1
nvd 1
cve 1
github 1
veracode 5
redhat 3
nessus 2
prion
prion
Design/Logic Flaw
2012-12-20 12:02:00
osv
osv
User confusion in IronJacamar
2022-05-17 05:17:01
nvd
nvd
CVE-2012-3428
2012-12-20 12:02:17
cve
cve
CVE-2012-3428
2012-12-20 12:02:17
github
github
User confusion in IronJacamar
2022-05-17 05:17:01
veracode
veracode
Authorization Bypass
2018-11-07 08:01:08
Information Disclosure
2019-05-02 04:42:36
Access Restriction Bypass
2019-05-02 04:43:22
redhat
redhat
(RHSA-2012:1591) Important: JBoss Enterprise Application Platform 6.0.1 update
2012-12-18 00:00:00
(RHSA-2012:1592) Important: JBoss Enterprise Application Platform 6.0.1 update
2012-12-18 00:00:00
(RHSA-2012:1594) Important: JBoss Enterprise Application Platform 6.0.1 update
2012-12-18 00:00:00
nessus
nessus
RHEL 6 : JBoss EAP (RHSA-2012:1592)
2013-01-24 00:00:00
RHEL 5 : JBoss EAP (RHSA-2012:1591)
2013-01-24 00:00:00

AI Score

6.6

Confidence

Low

EPSS

0.008

Percentile

81.4%

JSON
Related for CVELIST:CVE-2012-3428
prion1osv1nvd1cve1github1veracode5redhat3nessus2