Lucene search
K

4 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:47 a.m.4 views

SUSE CVE-2017-7561

Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact...

7.5CVSS8.8AI score0.01514EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2013/03/12 12:0 a.m.5 views

PT-2013-1816 · Red Hat · Red Hat Jboss Enterprise Application Platform +1

Name of the Vulnerable Software and Affected Versions: JBoss Enterprise Application Platform EAP versions 4.3.0 CP10 through 6.0.1 JBoss Enterprise Web Platform EWP version 5.2.0 Description: The default configuration of the LdapLoginModule and LdapExtLoginModule modules allows remote attackers t...

7.5CVSS5.8AI score0.02344EPSS
Exploits0References12
RedHat Linux
RedHat Linux
added 2013/01/24 6:7 p.m.4 views

JBoss: CallerIdentityLoginModule retaining password from previous call if a null password is provided

The CallerIdentityLoginModule in JBoss Enterprise Application Platform EAP before 5.2.0, Web Platform EWP before 5.2.0, BRMS Platform before 5.3.1, and SOA Platform before 5.3.1 allows remote attackers to gain privileges of the previous user via a null password, which causes the previous user's...

4CVSS6.2AI score0.02685EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2010/12/08 7:35 p.m.2 views

JBoss Remoting Denial-Of-Service

The org.jboss.remoting.transport.bisocket.BisocketServerInvoker$SecondaryServerSocketThread.run method in JBoss Remoting 2.2.x before 2.2.3.SP4 and 2.5.x before 2.5.3.SP2 in Red Hat JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.3 through 4.3.0.CP09, and 5.1.0; and JBoss Enterpris...

2.6CVSS5.9AI score0.02611EPSS
Exploits0References4
Rows per page
Query Builder