Jboss Portal Security Vulnerabilities and Issues — Jboss Portal CVE List

Lucene search

RedhatJboss Portal

3 matches found

CVE•added 2020/03/11 4:15 p.m.•108 views

CVE-2011-2487

The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack.

5.9CVSS5.7AI score0.0014EPSS

CVE•added 2020/01/02 8:15 p.m.•89 views

CVE-2014-0245

It was found that the implementation of the GTNSubjectCreatingInterceptor class in gatein-wsrp was not thread safe. For a specific WSRP endpoint, under high-concurrency scenarios or scenarios where SOAP messages take long to execute, it was possible for an unauthenticated remote attacker to gain pr...

5.9CVSS6.7AI score0.00407EPSS

CVE•added 2020/01/23 7:15 p.m.•59 views

CVE-2012-5626

EJB method in Red Hat JBoss BRMS 5; Red Hat JBoss Enterprise Application Platform 5; Red Hat JBoss Operations Network 3.1; Red Hat JBoss Portal 4 and 5; Red Hat JBoss SOA Platform 4.2, 4.3, and 5; in Red Hat JBoss Enterprise Web Server 1 ignores roles specified using the @RunAs annotation.

7.5CVSS7.5AI score0.00176EPSS