Lucene search

136 matches found

RedHat Linux
added 2016/06/23 8:49 p.m., 7 views

JGroups: Authorization bypass

It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information...

CVSS 9.8 | AI score 6.6 | EPSS 0.04698
Exploits: 0 | References: 4

RedHat Linux
added 2016/06/23 8:49 p.m., 5 views

JGroups: Authorization bypass

It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information...

CVSS 9.8 | AI score 6.6 | EPSS 0.04698
Exploits: 0 | References: 4

RedHat Linux
added 2016/06/23 8:49 p.m., 8 views

Critical: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.0 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 9.8 | AI score 6.6 | EPSS 0.04698
Exploits: 0 | References: 5

RedHat Linux
added 2016/06/23 8:49 p.m., 5 views

JGroups: Authorization bypass

It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information...

CVSS 9.8 | AI score 6.6 | EPSS 0.04698
Exploits: 0 | References: 4

RedHat Linux
added 2016/06/23 8:49 p.m., 34 views

Critical: Red Hat Security Advisory: Red Hat JBoss Data Grid 6.6 security update

A security update is now available for Red Hat JBoss Data Grid from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 9.8 | AI score 6.6 | EPSS 0.04698
Exploits: 0 | References: 5

RedhatCVE
added 2016/06/23 8:48 p.m., 36 views

CVE-2016-2141

It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information...

CVSS 9.8 | AI score 0.7 | EPSS 0.04698
Exploits: 0 | References: 1

Tenable Nessus
added 2014/01/31 12:0 a.m., 40 views

JBoss Portal 6.1.0 Update (RHSA-2013:1437)

The version of JBoss Enterprise Portal Platform on the remote system is affected by the following issues: - A flaw in the CSRF prevention filter in JBoss Web could allow remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier...

CVSS 6.8 | AI score 7.6 | EPSS 0.32259
Exploits: 11 | References: 36

RedHat Linux
added 2013/11/27 5:8 p.m., 4 views

JGroups: Authentication via cached credentials

The DiagnosticsHandler in JGroups 3.0.x, 3.1.x, 3.2.x before 3.2.9, and 3.3.x before 3.3.3 allows remote attackers to obtain sensitive information (diagnostic information) and execute arbitrary code by reusing valid credentials...

CVSS 5.4 | AI score 6.1 | EPSS 0.01607
Exploits: 0 | References: 4

NVD
added 2013/10/28 9:55 p.m., 24 views

CVE-2013-2102

The default configuration of Red Hat JBoss Portal before 6.1.0 enables the JGroups diagnostics service with no authentication when a JGroups channel is started, which allows remote attackers to obtain sensitive information (diagnostics) by accessing the service...

CVSS 3.3 | AI score 6.4 | EPSS 0.00985
Exploits: 0 | References: 2

Prion
added 2013/10/28 9:55 p.m., 26 views

Default configuration

The default configuration of Red Hat JBoss Portal before 6.1.0 enables the JGroups diagnostics service with no authentication when a JGroups channel is started, which allows remote attackers to obtain sensitive information (diagnostics) by accessing the service...

CVSS 3.3 | AI score 6.9 | EPSS 0.00985
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2013/10/28 9:0 p.m., 26 views

CVE-2013-2102

The default configuration of Red Hat JBoss Portal before 6.1.0 enables the JGroups diagnostics service with no authentication when a JGroups channel is started, which allows remote attackers to obtain sensitive information (diagnostics) by accessing the service...

AI score 6.4 | EPSS 0.00985
Exploits: 0 | References: 2

CVE
added 2013/10/28 9:0 p.m., 53 views

CVE-2013-2102

CVE-2013-2102 affects Red Hat JBoss Portal 6.1.0 and earlier: when a JGroups channel starts, the JGroups diagnostics service is enabled by default with no authentication, allowing remote attackers to read diagnostics information. Red Hat released RHSA-2013:1437 with a 6.1.0 update to address this...

CVSS 3.3 | AI score 6.6 | EPSS 0.00985
Exploits: 0 | References: 2 | Affected Software: 1

RedHat Linux
added 2013/10/16 4:45 p.m., 4 views

Gatein: JGroups configurations enable diagnostics without authentication

The default configuration of Red Hat JBoss Portal before 6.1.0 enables the JGroups diagnostics service with no authentication when a JGroups channel is started, which allows remote attackers to obtain sensitive information (diagnostics) by accessing the service...

CVSS 3.3 | AI score 5.9 | EPSS 0.00985
Exploits: 0 | References: 4

RedHat Linux
added 2013/10/16 4:45 p.m., 4 views

JGroups: Authentication via cached credentials

The DiagnosticsHandler in JGroups 3.0.x, 3.1.x, 3.2.x before 3.2.9, and 3.3.x before 3.3.3 allows remote attackers to obtain sensitive information (diagnostic information) and execute arbitrary code by reusing valid credentials...

CVSS 5.4 | AI score 6.1 | EPSS 0.01607
Exploits: 0 | References: 4

RedHat Linux
added 2013/09/04 6:46 p.m., 4 views

JGroups: Authentication via cached credentials

The DiagnosticsHandler in JGroups 3.0.x, 3.1.x, 3.2.x before 3.2.9, and 3.3.x before 3.3.3 allows remote attackers to obtain sensitive information (diagnostic information) and execute arbitrary code by reusing valid credentials...

CVSS 5.4 | AI score 6.1 | EPSS 0.01607
Exploits: 0 | References: 4

RedHat Linux
added 2013/09/04 6:45 p.m., 4 views

JGroups: Authentication via cached credentials

The DiagnosticsHandler in JGroups 3.0.x, 3.1.x, 3.2.x before 3.2.9, and 3.3.x before 3.3.3 allows remote attackers to obtain sensitive information (diagnostic information) and execute arbitrary code by reusing valid credentials...

CVSS 5.4 | AI score 6.1 | EPSS 0.01607
Exploits: 0 | References: 4

RedHat Linux
added 2013/09/04 6:43 p.m., 4 views

JGroups: Authentication via cached credentials

The DiagnosticsHandler in JGroups 3.0.x, 3.1.x, 3.2.x before 3.2.9, and 3.3.x before 3.3.3 allows remote attackers to obtain sensitive information (diagnostic information) and execute arbitrary code by reusing valid credentials...

CVSS 5.4 | AI score 6.1 | EPSS 0.01607
Exploits: 0 | References: 4

RedHat Linux
added 2013/01/24 7:6 p.m., 68 views

Important: Red Hat Security Advisory: JBoss Enterprise Web Platform 5.2.0 update

JBoss Enterprise Web Platform 5.2.0, which fixes multiple security issues, various bugs, and adds several enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring...

CVSS 10 | AI score 7.7 | EPSS 0.15561
Exploits: 6 | References: 16

RedHat Linux
added 2013/01/24 6:44 p.m., 4 views

JGroups diagnostics service enabled by default with no authentication when a JGroups channel is started

JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before 5.3.0, and BRMS Platform before 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent networks to read diagnostics information via a...

CVSS 3.3 | AI score 6.3 | EPSS 0.01448
Exploits: 1 | References: 4

RedHat Linux
added 2013/01/24 6:44 p.m., 111 views

Important: Red Hat Security Advisory: JBoss Enterprise Web Platform 5.2.0 update

Updated JBoss Enterprise Web Platform 5.2.0 packages that fix multiple security issues, various bugs, and add several enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability...

CVSS 10 | AI score 7.7 | EPSS 0.15561
Exploits: 7 | References: 17