7.3 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
71.2%
Red Hat JBoss Operations Network (JON) before 2.4.2 and 3.0.x before 3.0.1 does not check the JON agent key, which allows remote attackers to spoof the identity of arbitrary agents via the registered agent name.
rhn.redhat.com/errata/RHSA-2012-0089.html
rhn.redhat.com/errata/RHSA-2012-0406.html
bugzilla.redhat.com/show_bug.cgi?id=781964