4.9

CVE-2012-5478

The AuthorizationInterceptor in JBoss Enterprise Application Platform (EAP) before 5.2.0, Web Platform (EWP) before 5.2.0, BRMS Platform before 5.3.1, and SOA Platform before 5.3.1 does not properly restrict access, which allows remote authenticated users to bypass intended role restrictions and perform arbitrary JMX operations via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.18% 0.8
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.9 6.8 4.9
AV:N/AC:M/Au:S/C:P/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://rhn.redhat.com/errata/RHSA-2013-0191.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2013-0192.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2013-0193.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2013-0194.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2013-0195.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2013-0196.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2013-0197.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2013-0198.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2013-0221.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2013-0533.html
http://secunia.com/advisories/51984
Vendor Advisory
http://secunia.com/advisories/52054
Vendor Advisory
http://securitytracker.com/id?1028042
http://www.osvdb.org/89580
https://exchange.xforce.ibmcloud.com/vulnerabilities/81514