Red Hat JBoss Enterprise Application Platform Application Server JacORB Subsystem Information Disclosure Vulnerability

Red Hat JBoss Enterprise Application Platform is an open source, J2EE-based middleware platform for building, deploying, and hosting Java applications and services.JBoss Application Server AS, also known as WildFly is an open source JavaEE-based application server; the JacORB subsystem is a...

Design/Logic Flaw

The JBoss Application Server WildFly JacORB subsystem in Red Hat JBoss Enterprise Application Platform EAP before 6.3.3 does not properly assign socket-binding-ref sensitivity classification to the security-domain attribute, which allows remote authenticated users to obtain sensitive information ...

Subsystem: Information disclosure via incorrect sensitivity classification of attribute

It was discovered that the JBoss Application Server WildFly JacORB subsystem incorrectly assigned socket-binding-ref sensitivity classification for the security-domain attribute. An authenticated user with a role that has access to attributes with socket-binding-ref and not security-domain-ref...

Subsystem: Information disclosure via incorrect sensitivity classification of attribute

It was discovered that the JBoss Application Server WildFly JacORB subsystem incorrectly assigned socket-binding-ref sensitivity classification for the security-domain attribute. An authenticated user with a role that has access to attributes with socket-binding-ref and not security-domain-ref...

Subsystem: Information disclosure via incorrect sensitivity classification of attribute

It was discovered that the JBoss Application Server WildFly JacORB subsystem incorrectly assigned socket-binding-ref sensitivity classification for the security-domain attribute. An authenticated user with a role that has access to attributes with socket-binding-ref and not security-domain-ref...