Lucene search
Ubuntu.comUB:CVE-2012-4550HistoryJan 05, 2013 - 12:00 a.m.
CVE-2012-4550
2013-01-0500:00:00
ubuntu.com
ubuntu.com
10
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.003 Low
EPSS
Percentile
71.3%
JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) before
6.0.1, when using role-based authorization for Enterprise Java Beans (EJB)
access, does not call the intended authorization modules, which prevents
JACC permissions from being applied and allows remote attackers to obtain
access to the EJB.
Notes
| Author | Note |
|---|---|
| ebarretto | only builds a few libraries, not the full application server |
Related
seebug
seebug
JBoss Enterprise Application Platformๅฎๅ
จ็ป่ฟๆผๆด
2013-01-05 00:00:00
prion
prion
Authorization
2013-01-05 00:55:00
cvelist
cvelist
CVE-2012-4550
2013-01-05 00:00:00
cve
cve
CVE-2012-4550
2013-01-05 00:55:02
nvd
nvd
CVE-2012-4550
2013-01-05 00:55:02
nessus
nessus
RHEL 5 : JBoss EAP (RHSA-2012:1591)
2013-01-24 00:00:00
RHEL 6 : JBoss EAP (RHSA-2012:1592)
2013-01-24 00:00:00
veracode
veracode
Information Disclosure
2019-05-02 04:42:36
Access Restriction Bypass
2019-05-02 04:43:29
Access Restriction Bypass
2019-05-02 04:43:22
redhat
redhat
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.003 Low
EPSS
Percentile
71.3%
Related for UB:CVE-2012-4550