Lucene search

K
ubuntucveUbuntu.comUB:CVE-2012-2377
HistoryNov 23, 2012 - 12:00 a.m.

CVE-2012-2377

2012-11-2300:00:00
ubuntu.com
ubuntu.com
5

3.3 Low

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:L/Au:N/C:P/I:N/A:N

0.004 Low

EPSS

Percentile

74.3%

JGroups diagnostics service in JBoss Enterprise Portal Platform before
5.2.2, SOA Platform before 5.3.0, and BRMS Platform before 5.3.0, is
enabled without authentication when started by the JGroups channel, which
allows remote attackers in adjacent networks to read diagnostics
information via a crafted IP multicast.

Notes

Author Note
tyhicks Per Debian, not affected

3.3 Low

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:L/Au:N/C:P/I:N/A:N

0.004 Low

EPSS

Percentile

74.3%

Related for UB:CVE-2012-2377