Lucene search
Ubuntu.comUB:CVE-2012-4550HistoryJan 05, 2013 - 12:00 a.m.
CVE-2012-4550
2013-01-0500:00:00
ubuntu.com
ubuntu.com
8
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.003 Low
EPSS
Percentile
70.7%
JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) before
6.0.1, when using role-based authorization for Enterprise Java Beans (EJB)
access, does not call the intended authorization modules, which prevents
JACC permissions from being applied and allows remote attackers to obtain
access to the EJB.
Notes
| Author | Note |
|---|---|
| ebarretto | only builds a few libraries, not the full application server |
Related
seebug
seebug
JBoss Enterprise Application Platformๅฎๅ
จ็ป่ฟๆผๆด
2013-01-05 00:00:00
prion
prion
Authorization
2013-01-05 00:55:00
cve
cve
CVE-2012-4550
2013-01-05 00:55:00
nessus
nessus
RHEL 5 : JBoss EAP (RHSA-2012:1591)
2013-01-24 00:00:00
RHEL 6 : JBoss EAP (RHSA-2012:1592)
2013-01-24 00:00:00
veracode
veracode
Information Disclosure
2019-05-02 04:42:36
Access Restriction Bypass
2019-05-02 04:43:22
Cross Site Scripting (XSS)
2019-05-02 04:42:42
redhat
redhat
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.003 Low
EPSS
Percentile
70.7%
Related for UB:CVE-2012-4550