Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
6 vulnerabilities found for mod_cluster by redhat
CVE-2016-4459 (GCVE-0-2016-4459)
Vulnerability from nvd – Published: 2017-04-12 20:00 – Updated: 2024-08-06 00:32
VLAI
Summary
Stack-based buffer overflow in native/mod_manager/node.c in mod_cluster 1.2.9.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://rhn.redhat.com/errata/RHSA-2016-2056.html | vendor-advisoryx_refsource_REDHAT |
| http://rhn.redhat.com/errata/RHSA-2016-2055.html | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2017:0194 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2017:0193 | vendor-advisoryx_refsource_REDHAT |
| http://rhn.redhat.com/errata/RHSA-2016-2957.html | vendor-advisoryx_refsource_REDHAT |
| http://rhn.redhat.com/errata/RHSA-2016-2054.html | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/93555 | vdb-entryx_refsource_BID |
| https://bugzilla.redhat.com/show_bug.cgi?id=1341583 | x_refsource_CONFIRM |
Date Public
2017-01-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:32:25.418Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2016:2056",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2056.html"
},
{
"name": "RHSA-2016:2055",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2055.html"
},
{
"name": "RHSA-2017:0194",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0194"
},
{
"name": "RHSA-2017:0193",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0193"
},
{
"name": "RHSA-2016:2957",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html"
},
{
"name": "RHSA-2016:2054",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2054.html"
},
{
"name": "93555",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93555"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1341583"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-01-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in native/mod_manager/node.c in mod_cluster 1.2.9."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-12T19:57:02.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2016:2056",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2056.html"
},
{
"name": "RHSA-2016:2055",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2055.html"
},
{
"name": "RHSA-2017:0194",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0194"
},
{
"name": "RHSA-2017:0193",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0193"
},
{
"name": "RHSA-2016:2957",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html"
},
{
"name": "RHSA-2016:2054",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2054.html"
},
{
"name": "93555",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93555"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1341583"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-4459",
"datePublished": "2017-04-12T20:00:00.000Z",
"dateReserved": "2016-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:32:25.418Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0298 (GCVE-0-2015-0298)
Vulnerability from nvd – Published: 2015-08-24 14:00 – Updated: 2024-08-06 04:03
VLAI
Summary
Cross-site scripting (XSS) vulnerability in the manager web interface in mod_cluster before 1.3.2.Alpha1 allows remote attackers to inject arbitrary web script or HTML via a crafted MCMP message.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://rhn.redhat.com/errata/RHSA-2015-1641.html | vendor-advisoryx_refsource_REDHAT |
| http://rhn.redhat.com/errata/RHSA-2015-1642.html | vendor-advisoryx_refsource_REDHAT |
| https://issues.jboss.org/browse/MODCLUSTER-453 | x_refsource_CONFIRM |
Date Public
2015-05-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:03:10.942Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2015:1641",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1641.html"
},
{
"name": "RHSA-2015:1642",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1642.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.jboss.org/browse/MODCLUSTER-453"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the manager web interface in mod_cluster before 1.3.2.Alpha1 allows remote attackers to inject arbitrary web script or HTML via a crafted MCMP message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-08-24T13:57:02.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2015:1641",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1641.html"
},
{
"name": "RHSA-2015:1642",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1642.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.jboss.org/browse/MODCLUSTER-453"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-0298",
"datePublished": "2015-08-24T14:00:00.000Z",
"dateReserved": "2014-11-18T00:00:00.000Z",
"dateUpdated": "2024-08-06T04:03:10.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1154 (GCVE-0-2012-1154)
Vulnerability from nvd – Published: 2012-10-22 23:00 – Updated: 2024-08-06 18:45
VLAI
Summary
mod_cluster 1.0.10 before 1.0.10 CP03 and 1.1.x before 1.1.4, as used in JBoss Enterprise Application Platform 5.1.2, when "ROOT" is set to excludedContexts, exposes the root context of the server, which allows remote attackers to bypass access restrictions and gain access to applications deployed on the root context via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://rhn.redhat.com/errata/RHSA-2012-1012.html | vendor-advisoryx_refsource_REDHAT |
| http://rhn.redhat.com/errata/RHSA-2012-1166.html | vendor-advisoryx_refsource_REDHAT |
| http://rhn.redhat.com/errata/RHSA-2012-1052.html | vendor-advisoryx_refsource_REDHAT |
| http://rhn.redhat.com/errata/RHSA-2012-1053.html | vendor-advisoryx_refsource_REDHAT |
| https://issues.jboss.org/browse/MODCLUSTER-253 | x_refsource_CONFIRM |
| http://secunia.com/advisories/49636 | third-party-advisoryx_refsource_SECUNIA |
| https://bugzilla.redhat.com/show_bug.cgi?id=802200 | x_refsource_MISC |
| http://rhn.redhat.com/errata/RHSA-2012-1010.html | vendor-advisoryx_refsource_REDHAT |
| http://rhn.redhat.com/errata/RHSA-2012-1011.html | vendor-advisoryx_refsource_REDHAT |
| https://community.jboss.org/message/624018 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:27.439Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2012:1012",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1012.html"
},
{
"name": "RHSA-2012:1166",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1166.html"
},
{
"name": "RHSA-2012:1052",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1052.html"
},
{
"name": "RHSA-2012:1053",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1053.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.jboss.org/browse/MODCLUSTER-253"
},
{
"name": "49636",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49636"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=802200"
},
{
"name": "RHSA-2012:1010",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1010.html"
},
{
"name": "RHSA-2012:1011",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1011.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://community.jboss.org/message/624018"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "mod_cluster 1.0.10 before 1.0.10 CP03 and 1.1.x before 1.1.4, as used in JBoss Enterprise Application Platform 5.1.2, when \"ROOT\" is set to excludedContexts, exposes the root context of the server, which allows remote attackers to bypass access restrictions and gain access to applications deployed on the root context via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-10-22T23:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2012:1012",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1012.html"
},
{
"name": "RHSA-2012:1166",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1166.html"
},
{
"name": "RHSA-2012:1052",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1052.html"
},
{
"name": "RHSA-2012:1053",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1053.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.jboss.org/browse/MODCLUSTER-253"
},
{
"name": "49636",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49636"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=802200"
},
{
"name": "RHSA-2012:1010",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1010.html"
},
{
"name": "RHSA-2012:1011",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1011.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://community.jboss.org/message/624018"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1154",
"datePublished": "2012-10-22T23:00:00.000Z",
"dateReserved": "2012-02-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:45:27.439Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4459 (GCVE-0-2016-4459)
Vulnerability from cvelistv5 – Published: 2017-04-12 20:00 – Updated: 2024-08-06 00:32
VLAI
Summary
Stack-based buffer overflow in native/mod_manager/node.c in mod_cluster 1.2.9.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://rhn.redhat.com/errata/RHSA-2016-2056.html | vendor-advisoryx_refsource_REDHAT |
| http://rhn.redhat.com/errata/RHSA-2016-2055.html | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2017:0194 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2017:0193 | vendor-advisoryx_refsource_REDHAT |
| http://rhn.redhat.com/errata/RHSA-2016-2957.html | vendor-advisoryx_refsource_REDHAT |
| http://rhn.redhat.com/errata/RHSA-2016-2054.html | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/93555 | vdb-entryx_refsource_BID |
| https://bugzilla.redhat.com/show_bug.cgi?id=1341583 | x_refsource_CONFIRM |
Date Public
2017-01-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:32:25.418Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2016:2056",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2056.html"
},
{
"name": "RHSA-2016:2055",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2055.html"
},
{
"name": "RHSA-2017:0194",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0194"
},
{
"name": "RHSA-2017:0193",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0193"
},
{
"name": "RHSA-2016:2957",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html"
},
{
"name": "RHSA-2016:2054",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2054.html"
},
{
"name": "93555",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93555"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1341583"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-01-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in native/mod_manager/node.c in mod_cluster 1.2.9."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-12T19:57:02.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2016:2056",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2056.html"
},
{
"name": "RHSA-2016:2055",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2055.html"
},
{
"name": "RHSA-2017:0194",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0194"
},
{
"name": "RHSA-2017:0193",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0193"
},
{
"name": "RHSA-2016:2957",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html"
},
{
"name": "RHSA-2016:2054",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2054.html"
},
{
"name": "93555",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93555"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1341583"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-4459",
"datePublished": "2017-04-12T20:00:00.000Z",
"dateReserved": "2016-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:32:25.418Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0298 (GCVE-0-2015-0298)
Vulnerability from cvelistv5 – Published: 2015-08-24 14:00 – Updated: 2024-08-06 04:03
VLAI
Summary
Cross-site scripting (XSS) vulnerability in the manager web interface in mod_cluster before 1.3.2.Alpha1 allows remote attackers to inject arbitrary web script or HTML via a crafted MCMP message.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://rhn.redhat.com/errata/RHSA-2015-1641.html | vendor-advisoryx_refsource_REDHAT |
| http://rhn.redhat.com/errata/RHSA-2015-1642.html | vendor-advisoryx_refsource_REDHAT |
| https://issues.jboss.org/browse/MODCLUSTER-453 | x_refsource_CONFIRM |
Date Public
2015-05-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:03:10.942Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2015:1641",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1641.html"
},
{
"name": "RHSA-2015:1642",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1642.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.jboss.org/browse/MODCLUSTER-453"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the manager web interface in mod_cluster before 1.3.2.Alpha1 allows remote attackers to inject arbitrary web script or HTML via a crafted MCMP message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-08-24T13:57:02.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2015:1641",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1641.html"
},
{
"name": "RHSA-2015:1642",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1642.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.jboss.org/browse/MODCLUSTER-453"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-0298",
"datePublished": "2015-08-24T14:00:00.000Z",
"dateReserved": "2014-11-18T00:00:00.000Z",
"dateUpdated": "2024-08-06T04:03:10.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1154 (GCVE-0-2012-1154)
Vulnerability from cvelistv5 – Published: 2012-10-22 23:00 – Updated: 2024-08-06 18:45
VLAI
Summary
mod_cluster 1.0.10 before 1.0.10 CP03 and 1.1.x before 1.1.4, as used in JBoss Enterprise Application Platform 5.1.2, when "ROOT" is set to excludedContexts, exposes the root context of the server, which allows remote attackers to bypass access restrictions and gain access to applications deployed on the root context via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://rhn.redhat.com/errata/RHSA-2012-1012.html | vendor-advisoryx_refsource_REDHAT |
| http://rhn.redhat.com/errata/RHSA-2012-1166.html | vendor-advisoryx_refsource_REDHAT |
| http://rhn.redhat.com/errata/RHSA-2012-1052.html | vendor-advisoryx_refsource_REDHAT |
| http://rhn.redhat.com/errata/RHSA-2012-1053.html | vendor-advisoryx_refsource_REDHAT |
| https://issues.jboss.org/browse/MODCLUSTER-253 | x_refsource_CONFIRM |
| http://secunia.com/advisories/49636 | third-party-advisoryx_refsource_SECUNIA |
| https://bugzilla.redhat.com/show_bug.cgi?id=802200 | x_refsource_MISC |
| http://rhn.redhat.com/errata/RHSA-2012-1010.html | vendor-advisoryx_refsource_REDHAT |
| http://rhn.redhat.com/errata/RHSA-2012-1011.html | vendor-advisoryx_refsource_REDHAT |
| https://community.jboss.org/message/624018 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:27.439Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2012:1012",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1012.html"
},
{
"name": "RHSA-2012:1166",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1166.html"
},
{
"name": "RHSA-2012:1052",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1052.html"
},
{
"name": "RHSA-2012:1053",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1053.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.jboss.org/browse/MODCLUSTER-253"
},
{
"name": "49636",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49636"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=802200"
},
{
"name": "RHSA-2012:1010",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1010.html"
},
{
"name": "RHSA-2012:1011",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1011.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://community.jboss.org/message/624018"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "mod_cluster 1.0.10 before 1.0.10 CP03 and 1.1.x before 1.1.4, as used in JBoss Enterprise Application Platform 5.1.2, when \"ROOT\" is set to excludedContexts, exposes the root context of the server, which allows remote attackers to bypass access restrictions and gain access to applications deployed on the root context via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-10-22T23:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2012:1012",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1012.html"
},
{
"name": "RHSA-2012:1166",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1166.html"
},
{
"name": "RHSA-2012:1052",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1052.html"
},
{
"name": "RHSA-2012:1053",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1053.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.jboss.org/browse/MODCLUSTER-253"
},
{
"name": "49636",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49636"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=802200"
},
{
"name": "RHSA-2012:1010",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1010.html"
},
{
"name": "RHSA-2012:1011",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1011.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://community.jboss.org/message/624018"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1154",
"datePublished": "2012-10-22T23:00:00.000Z",
"dateReserved": "2012-02-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:45:27.439Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}