Input validation

2019-12-1818:15:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation in the security context propagation, A threat gets reused from the thread pool that still retains the security context from the process last used, which lets a local user obtain elevated privileges.

CPENameOperatorVersion
jboss_application_servereq7.1.1
jboss_application_servereq7.1.0
jboss_enterprise_application_platformeq6.0.0 beta

Name	Operator	Version
jboss_application_server	eq	7.1.1
jboss_application_server	eq	7.1.0
jboss_enterprise_application_platform	eq	6.0.0 beta

References

access.redhat.com/security/cve/cve-2012-2312

bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2312

security-tracker.debian.org/tracker/CVE-2012-2312