4

CVE-2012-3369

The CallerIdentityLoginModule in JBoss Enterprise Application Platform (EAP) before 5.2.0, Web Platform (EWP) before 5.2.0, BRMS Platform before 5.3.1, and SOA Platform before 5.3.1 allows remote attackers to gain privileges of the previous user via a null password, which causes the previous user's password to be used.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.69% 0.839
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4 4.9 4.9
AV:N/AC:H/Au:N/C:P/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://rhn.redhat.com/errata/RHSA-2013-0191.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2013-0192.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2013-0193.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2013-0194.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2013-0195.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2013-0196.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2013-0197.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2013-0198.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2013-0221.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2013-0533.html
http://secunia.com/advisories/51984
Vendor Advisory
http://secunia.com/advisories/52054
Vendor Advisory
http://securitytracker.com/id?1028042
http://www.securityfocus.com/bid/57547
https://bugzilla.redhat.com/show_bug.cgi?id=836451
https://exchange.xforce.ibmcloud.com/vulnerabilities/81512