Jboss Enterprise Soa Platform@5.1.0 Security Vulnerabilities and Issues — Jboss Enterprise Soa Platform@5.1.0 CVE List

Lucene search

RedhatJboss Enterprise Soa Platform5.1.0

7 matches found

CVE•added 2013/07/23 11:3 a.m.•150 views

CVE-2013-2165

ResourceBuilderImpl.java in the RichFaces 3.x through 5.x implementation in Red Hat JBoss Web Framework Kit before 2.3.0, Red Hat JBoss Web Platform through 5.2.0, Red Hat JBoss Enterprise Application Platform through 4.3.0 CP10 and 5.x through 5.2.0, Red Hat JBoss BRMS through 5.3.1, Red Hat JBoss...

7.5CVSS9.6AI score0.34143EPSS

CVE•added 2011/07/27 2:42 a.m.•67 views

CVE-2011-1484

jboss-seam.jar in the JBoss Seam 2 framework 2.2.x and earlier, as distributed in Red Hat JBoss Enterprise SOA Platform 4.3.0.CP04 and 5.1.0 and JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3.0.CP09 and 5.1.0, does not properly restrict use of Expression Language (EL) statements...

6.8CVSS7.3AI score0.01195EPSS

CVE•added 2012/11/23 8:55 p.m.•65 views

CVE-2011-4085

The servlets invoked by httpha-invoker in JBoss Enterprise Application Platform before 5.1.2, SOA Platform before 5.2.0, BRMS Platform before 5.3.0, and Portal Platform before 4.3 CP07 perform access control only for the GET and POST methods, which allow remote attackers to bypass authentication by...

6.8CVSS9.3AI score0.92426EPSS

CVE•added 2013/07/29 1:59 p.m.•64 views

CVE-2011-1483

wsf/common/DOMUtils.java in JBossWS Native in Red Hat JBoss Enterprise Application Platform 4.2.0.CP09, 4.3, and 5.1.1; JBoss Enterprise Portal Platform 4.3.CP06 and 5.1.1; JBoss Enterprise SOA Platform 4.2.CP05, 4.3.CP05, and 5.1.0; JBoss Communications Platform 1.2.11 and 5.1.1; JBoss Enterprise ...

5CVSS6.8AI score0.01371EPSS

CVE•added 2011/07/27 2:55 a.m.•60 views

CVE-2011-2196

jboss-seam.jar in the JBoss Seam 2 framework 2.2.x and earlier, as distributed in Red Hat JBoss Enterprise SOA Platform 4.3.0.CP05 and 5.1.0; JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3.0, 4.3.0.CP09, and 5.1.1; and JBoss Enterprise Web Platform 5.1.1, does not properly restr...

6.8CVSS7.4AI score0.01215EPSS

CVE•added 2012/11/23 8:55 p.m.•50 views

CVE-2012-2377

JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before 5.3.0, and BRMS Platform before 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent networks to read diagnostics information via a cr...

3.3CVSS5.4AI score0.00989EPSS

CVE•added 2012/11/23 8:55 p.m.•44 views

CVE-2012-1167

The JBoss Server in JBoss Enterprise Application Platform 5.1.x before 5.1.2 and 5.2.x before 5.2.2, Web Platform before 5.1.2, BRMS Platform before 5.3.0, and SOA Platform before 5.3.0, when the server is configured to use the JaccAuthorizationRealm and the ignoreBaseDecision property is set to tr...

4.6CVSS6.3AI score0.00815EPSS