Lucene search

[email protected]NVD:CVE-2012-0052

HistoryFeb 14, 2014 - 3:55 p.m.

CVE-2012-0052

2014-02-1415:55:04

CWE-20

[email protected]

web.nvd.nist.gov

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.8 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.2%

JSON

Red Hat JBoss Operations Network (JON) before 2.4.2 and 3.0.x before 3.0.1 does not check the JON agent key, which allows remote attackers to spoof the identity of arbitrary agents via the registered agent name.

Affected configurations

NVD

Node

redhatjboss_operations_networkRange≤2.4.1

redhatjboss_operations_networkMatch2.0.0

redhatjboss_operations_networkMatch2.0.1

redhatjboss_operations_networkMatch2.1.0

redhatjboss_operations_networkMatch2.2

redhatjboss_operations_networkMatch2.3

redhatjboss_operations_networkMatch2.3.1

redhatjboss_operations_networkMatch2.4

redhatjboss_operations_networkMatch3.0

References

rhn.redhat.com/errata/RHSA-2012-0089.html

rhn.redhat.com/errata/RHSA-2012-0406.html

bugzilla.redhat.com/show_bug.cgi?id=781964

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.8 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.2%

JSON

Related for NVD:CVE-2012-0052

cve1 cvelist1 prion1 seebug1