Lucene search
K

90 matches found

RedHat Linux
RedHat Linux
added 2018/10/16 5:5 p.m.164 views

Important: Red Hat Security Advisory: Red Hat JBoss Operations Network 3.3.11 security and bug fix update

An update is now available for Red Hat JBoss Operations Network. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

9.8CVSS8AI score0.49727EPSS
Exploits4References20
OpenVAS
OpenVAS
added 2017/10/16 12:0 a.m.17 views

JBoss Operations Network End of Life (EOL) Detection - Linux

The JBoss Operations Network version on the remote host has reached the end of life EOL and should not be used anymore. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

7.5AI score
Exploits0References1
OpenVAS
OpenVAS
added 2017/10/16 12:0 a.m.9 views

JBoss Operations Network End of Life (EOL) Detection - Windows

The JBoss Operations Network version on the remote host has reached the end of life EOL and should not be used anymore. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

7.5AI score
Exploits0References1
Prion
Prion
added 2016/09/27 3:59 p.m.25 views

Deserialization of untrusted data

The server in Red Hat JBoss Operations Network JON, when SSL authentication is not configured for JON server / agent communication, allows remote attackers to execute arbitrary code via a crafted HTTP request, related to message deserialization. NOTE: this vulnerability exists because of an...

9CVSS8.2AI score0.10625EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2016/09/07 7:28 p.m.34 views

CVE-2016-5422

The web console in Red Hat JBoss Operations Network JON before 3.3.7 does not properly authorize requests to add users with the super user role, which allows remote authenticated users to gain admin privileges via a crafted POST request...

8.8CVSS8.4AI score0.02139EPSS
Exploits0References2
OSV
OSV
added 2016/09/07 7:28 p.m.5 views

CVE-2016-5422

The web console in Red Hat JBoss Operations Network JON before 3.3.7 does not properly authorize requests to add users with the super user role, which allows remote authenticated users to gain admin privileges via a crafted POST request...

8.8CVSS5.9AI score0.02139EPSS
Exploits0References2
Prion
Prion
added 2016/09/07 7:28 p.m.21 views

Design/Logic Flaw

The web console in Red Hat JBoss Operations Network JON before 3.3.7 does not properly authorize requests to add users with the super user role, which allows remote authenticated users to gain admin privileges via a crafted POST request...

6.5CVSS6.9AI score0.02139EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2016/08/31 5:18 p.m.28 views

CVE-2016-5422

It was found that JBoss Operations Network allowed regular users to add a new super user by sending a specially crafted request to the web console. This attacks allows escalation of privileges...

9.9CVSS4.5AI score0.02139EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2016/08/31 4:58 p.m.28 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Operations Network 3.3.7 security and bug fix update

An update is now available for Red Hat JBoss Operations Network. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

8.8CVSS7.3AI score0.02139EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/08/31 4:58 p.m.7 views

JON3: privilege escalation via improper authorization

It was found that JBoss Operations Network allowed regular users to add a new super user by sending a specially crafted request to the web console. This attacks allows escalation of privileges...

8.8CVSS5.7AI score0.02139EPSS
Exploits0References4
CNVD
CNVD
added 2016/08/24 12:0 a.m.5 views

Red Hat JBoss Operations Network Remote Code Execution Vulnerability (CNVD-2016-06652)

Red Hat JBoss Operations Network JON is the United States Red Hat Red Hat a J2EE-based open source application server, it can deploy, manage, monitor JBoss enterprise middleware, applications and services. A remote code execution vulnerability exists in Red Hat JON. An attacker could exploit this...

9.8CVSS8.4AI score0.10625EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2016/08/22 1:18 a.m.29 views

CVE-2016-6330

The server in Red Hat JBoss Operations Network JON, when SSL authentication is not configured for JON server / agent communication, allows remote attackers to execute arbitrary code via a crafted HTTP request, related to message deserialization. NOTE: this vulnerability exists because of an...

9.8CVSS9.5AI score0.10625EPSS
Exploits0References1
NVD
NVD
added 2016/08/02 2:59 p.m.36 views

CVE-2016-3737

The server in Red Hat JBoss Operations Network JON before 3.3.6 allows remote attackers to execute arbitrary code via a crafted HTTP request, related to message deserialization...

9.8CVSS9.6AI score0.06706EPSS
Exploits0References4
OSV
OSV
added 2016/08/02 2:59 p.m.8 views

CVE-2016-3737

The server in Red Hat JBoss Operations Network JON before 3.3.6 allows remote attackers to execute arbitrary code via a crafted HTTP request, related to message deserialization...

9.8CVSS6.1AI score0.06706EPSS
Exploits0References4
Prion
Prion
added 2016/08/02 2:59 p.m.21 views

Deserialization of untrusted data

The server in Red Hat JBoss Operations Network JON before 3.3.6 allows remote attackers to execute arbitrary code via a crafted HTTP request, related to message deserialization...

9CVSS9.5AI score0.06706EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2016/08/02 2:0 p.m.77 views

CVE-2016-3737

The CVE-2016-3737 entry concerns Red Hat JBoss Operations Network (JON) prior to 3.3.6, where remote code execution is possible through a crafted HTTP request due to deserialization issues in the JON server. The issue is tied to message deserialization and is referenced across several feeds (NVD,...

9.8CVSS9.5AI score0.06706EPSS
Exploits0References4Affected Software1
OpenVAS
OpenVAS
added 2016/07/28 12:0 a.m.12 views

JBoss Operations Network Detection

The script sends a connection request to the server and attempts to extract the version number from the reply. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifie...

7.2AI score
Exploits0
RedHat Linux
RedHat Linux
added 2016/07/27 3:28 p.m.85 views

Critical: Red Hat Security Advisory: Red Hat JBoss Operations Network 3.3.6 update

Red Hat JBoss Operations Network 3.3 update 6, which fixes two security issues and several bugs, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which...

9.8CVSS7.2AI score0.82112EPSS
Exploits2References45
CNVD
CNVD
added 2016/07/17 12:0 a.m.5 views

Red Hat JBoss Operations Network Remote Code Execution Vulnerability

Red Hat JBoss Operations Network JON is the United States Red Hat Red Hat a J2EE-based open source application server, it can deploy, manage, monitor JBoss enterprise middleware, applications and services. A remote code execution vulnerability exists in Red Hat JON. An attacker could exploit this...

9.8CVSS8.4AI score0.06706EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2016/06/06 12:0 a.m.37 views

Red Hat JBoss Operations Network Java Object Deserialization RCE

The remote Red Hat JBoss Operations Network server is affected by a remote code execution vulnerability due to unsafe deserialize calls of unauthenticated Java objects to the Jython library. An unauthenticated, remote attacker can exploit this, by sending specially crafted Java objects to the HTT...

9.8CVSS8.9AI score0.06706EPSS
Exploits0References3
Rows per page
Query Builder