CVE-2012-1167
- EPSS 0.82%
- Published 23.11.2012 20:55:02
- Last modified 11.04.2025 00:51:21
The JBoss Server in JBoss Enterprise Application Platform 5.1.x before 5.1.2 and 5.2.x before 5.2.2, Web Platform before 5.1.2, BRMS Platform before 5.3.0, and SOA Platform before 5.3.0, when the server is configured to use the JaccAuthorizationRealm...
- EPSS 0.85%
- Published 23.11.2012 20:55:01
- Last modified 11.04.2025 00:51:21
Cross-site request forgery (CSRF) vulnerability in the JMX Console (jmx-console) in JBoss Enterprise Portal Platform before 5.2.2, BRMS Platform 5.3.0 before roll up patch1, and SOA Platform 5.3.0 allows remote authenticated users to hijack the authe...
CVE-2011-4605
- EPSS 2.42%
- Published 23.11.2012 20:55:01
- Last modified 11.04.2025 00:51:21
The (1) JNDI service, (2) HA-JNDI service, and (3) HAJNDIFactory invoker servlet in JBoss Enterprise Application Platform 4.3.0 CP10 and 5.1.2, Web Platform 5.1.2, SOA Platform 4.2.0.CP05 and 4.3.0.CP05, Portal Platform 4.3 CP07 and 5.2.x before 5.2....
CVE-2011-4085
- EPSS 0.34%
- Published 23.11.2012 20:55:01
- Last modified 11.04.2025 00:51:21
The servlets invoked by httpha-invoker in JBoss Enterprise Application Platform before 5.1.2, SOA Platform before 5.2.0, BRMS Platform before 5.3.0, and Portal Platform before 4.3 CP07 perform access control only for the GET and POST methods, which a...