Lucene search
+L

66 matches found

RedHat Linux
RedHat Linux
added 2015/08/24 3:52 p.m.3 views

PicketLink: PicketLink IDP ignores role based authorization

A flaw was found in the PicketLink Identity Provider Configuration IDP where, under specific conditions, the IDP ignores role-based authorization. This could lead to an authenticated user being able to access application resources that are not permitted for a given role...

4CVSS5.7AI score0.01913EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/08/24 3:37 p.m.4 views

PicketLink: PicketLink IDP ignores role based authorization

A flaw was found in the PicketLink Identity Provider Configuration IDP where, under specific conditions, the IDP ignores role-based authorization. This could lead to an authenticated user being able to access application resources that are not permitted for a given role...

4CVSS5.7AI score0.01913EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2013/01/05 12:0 a.m.14 views

PT-2013-1686

Name of the Vulnerable Software and Affected Versions JBoss Enterprise Application Platform versions prior to 6.0.1 Description The issue prevents the application of JACC permissions for Enterprise Java Beans EJB access when using role-based authorization, allowing remote attackers to obtain...

6.4CVSS5.8AI score0.02119EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2012/12/18 10:43 p.m.8 views

JBoss Enterprise Application Platform: JBoss EAP: JBEAP: JBoss Enterprise Application Platform: Unauthorized EJB access via authorization module bypass

A flaw was found in JBoss Enterprise Application Platform. When role-based authorization is used for Enterprise Java Beans EJB access, the system does not correctly call the necessary authorization modules. This prevents Java Authorization Contract for Containers JACC permissions from being...

6.4CVSS5.8AI score0.02119EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2012/12/18 10:43 p.m.74 views

Important: Red Hat Security Advisory: JBoss Enterprise Application Platform 6.0.1 update

JBoss Enterprise Application Platform 6.0.1, which fixes multiple security issues, various bugs, and adds enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring...

10CVSS6.8AI score0.6477EPSS
Exploits10References12
RedHat Linux
RedHat Linux
added 2012/12/18 10:17 p.m.15 views

JBoss Enterprise Application Platform: JBoss EAP: JBEAP: JBoss Enterprise Application Platform: Unauthorized EJB access via authorization module bypass

A flaw was found in JBoss Enterprise Application Platform. When role-based authorization is used for Enterprise Java Beans EJB access, the system does not correctly call the necessary authorization modules. This prevents Java Authorization Contract for Containers JACC permissions from being...

6.4CVSS5.8AI score0.02119EPSS
Exploits1References7
Rows per page
Query Builder