Lucene search

K
RedhatJboss Enterprise Soa Platform5.0.0

7 matches found

CVE
CVE
added 2017/11/09 5:29 p.m.235 views

CVE-2015-7501

Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Serve...

10CVSS9.7AI score0.74837EPSS
CVE
CVE
added 2013/07/23 11:3 a.m.150 views

CVE-2013-2165

ResourceBuilderImpl.java in the RichFaces 3.x through 5.x implementation in Red Hat JBoss Web Framework Kit before 2.3.0, Red Hat JBoss Web Platform through 5.2.0, Red Hat JBoss Enterprise Application Platform through 4.3.0 CP10 and 5.x through 5.2.0, Red Hat JBoss BRMS through 5.3.1, Red Hat JBoss...

7.5CVSS9.6AI score0.34143EPSS
CVE
CVE
added 2012/11/23 8:55 p.m.65 views

CVE-2011-4085

The servlets invoked by httpha-invoker in JBoss Enterprise Application Platform before 5.1.2, SOA Platform before 5.2.0, BRMS Platform before 5.3.0, and Portal Platform before 4.3 CP07 perform access control only for the GET and POST methods, which allow remote attackers to bypass authentication by...

6.8CVSS9.3AI score0.92426EPSS
CVE
CVE
added 2012/11/23 8:55 p.m.50 views

CVE-2012-2377

JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before 5.3.0, and BRMS Platform before 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent networks to read diagnostics information via a cr...

3.3CVSS5.4AI score0.00989EPSS
CVE
CVE
added 2012/11/23 8:55 p.m.44 views

CVE-2012-1167

The JBoss Server in JBoss Enterprise Application Platform 5.1.x before 5.1.2 and 5.2.x before 5.2.2, Web Platform before 5.1.2, BRMS Platform before 5.3.0, and SOA Platform before 5.3.0, when the server is configured to use the JaccAuthorizationRealm and the ignoreBaseDecision property is set to tr...

4.6CVSS6.3AI score0.00815EPSS
CVE
CVE
added 2010/08/10 12:23 p.m.36 views

CVE-2010-2493

The default configuration of the deployment descriptor (aka web.xml) in picketlink-sts.war in (1) the security_saml quickstart, (2) the webservice_proxy_security quickstart, (3) the web-console application, (4) the http-invoker application, (5) the gpd-deployer application, (6) the jbpm-console app...

5CVSS6.8AI score0.00108EPSS
CVE
CVE
added 2010/08/10 12:23 p.m.33 views

CVE-2010-2474

JBoss Enterprise Service Bus (ESB) before 4.7 CP02 in JBoss Enterprise SOA Platform before 5.0.2 does not properly consider the security domain with which a service is secured, which might allow remote attackers to gain privileges by executing a service.

3.5CVSS7.1AI score0.00251EPSS