rhsa-2012_1232
Vulnerability from csaf_redhat
Published
2012-09-05 16:26
Modified
2024-09-15 20:01
Summary
Red Hat Security Advisory: JBoss Enterprise Portal Platform 5.2.2 update
Notes
Topic
JBoss Enterprise Portal Platform 5.2.2, which fixes multiple security
issues and various bugs, is now available from the Red Hat Customer Portal.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
JBoss Enterprise Portal Platform is the open source implementation of the
Java EE suite of services and Portal services running atop JBoss Enterprise
Application Platform. It comprises a set of offerings for enterprise
customers who are looking for pre-configured profiles of JBoss Enterprise
Middleware components that have been tested and certified together to
provide an integrated experience.
This release of JBoss Enterprise Portal Platform 5.2.2 serves as a
replacement for JBoss Enterprise Portal Platform 5.2.1, and includes bug
fixes. Refer to the JBoss Enterprise Portal Platform 5.2.2 Release Notes
for information on the most significant of these changes. The Release Notes
will be available shortly from https://access.redhat.com/knowledge/docs/
The following security issues are also fixed with this release:
It was found that the JBoss JNDI service allowed unauthenticated, remote
write access by default. The JNDI and HA-JNDI services, and the
HAJNDIFactory invoker servlet were all affected. A remote attacker able to
access the JNDI service (port 1099), HA-JNDI service (port 1100), or the
HAJNDIFactory invoker servlet on a JBoss server could use this flaw to add,
delete, and modify items in the JNDI tree. This could have various,
application-specific impacts. (CVE-2011-4605)
A flaw was found in the way the Apache Xerces2 Java Parser processed the
SYSTEM identifier in DTDs. A remote attacker could provide a
specially-crafted XML file, which once parsed by an application using the
Apache Xerces2 Java Parser, would lead to a denial of service (application
hang due to excessive CPU use). (CVE-2009-2625)
It was found that the JMX Console did not protect against Cross-Site
Request Forgery (CSRF) attacks. If a remote attacker could trick a user,
who was logged into the JMX Console, into visiting a specially-crafted URL,
the attacker could perform operations on MBeans, which may lead to
arbitrary code execution in the context of the JBoss server process.
(CVE-2011-2908)
A flaw was found in the way Apache POI, a Java API for manipulating files
created with a Microsoft Office application, handled memory when processing
certain Channel Definition Format (CDF) and Compound File Binary Format
(CFBF) documents. A remote attacker could provide a specially-crafted CDF
or CFBF document to an application using Apache POI, leading to a denial of
service. (CVE-2012-0213)
When a JBoss server is configured to use JaccAuthorizationRealm, the
WebPermissionMapping class creates permissions that are not checked and can
permit access to users without checking their roles. If the
ignoreBaseDecision property is set to true on JBossWebRealm, the web
authorization process is handled exclusively by JBossAuthorizationEngine,
without any input from JBoss Web. This allows any valid user to access an
application, without needing to be assigned the role specified in the
application's web.xml "security-constraint" tag. (CVE-2012-1167)
When a JGroups channel is started, the JGroups diagnostics service would be
enabled by default with no authentication. This service is exposed via IP
multicast. An attacker on an adjacent network could exploit this flaw to
read diagnostics information. (CVE-2012-2377)
Red Hat would like to thank Christian Schlüter (VIADA) for reporting the
CVE-2011-4605 issue.
Warning: Before applying this update, back up all applications deployed on
JBoss Enterprise Portal Platform, along with all customized configuration
files, and any databases and database settings.
All users of JBoss Enterprise Portal Platform 5.2.1 as provided from the
Red Hat Customer Portal are advised to upgrade to JBoss Enterprise Portal
Platform 5.2.2.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "JBoss Enterprise Portal Platform 5.2.2, which fixes multiple security\nissues and various bugs, is now available from the Red Hat Customer Portal.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "JBoss Enterprise Portal Platform is the open source implementation of the\nJava EE suite of services and Portal services running atop JBoss Enterprise\nApplication Platform. It comprises a set of offerings for enterprise\ncustomers who are looking for pre-configured profiles of JBoss Enterprise\nMiddleware components that have been tested and certified together to\nprovide an integrated experience.\n\nThis release of JBoss Enterprise Portal Platform 5.2.2 serves as a\nreplacement for JBoss Enterprise Portal Platform 5.2.1, and includes bug\nfixes. Refer to the JBoss Enterprise Portal Platform 5.2.2 Release Notes\nfor information on the most significant of these changes. The Release Notes\nwill be available shortly from https://access.redhat.com/knowledge/docs/\n\nThe following security issues are also fixed with this release:\n\nIt was found that the JBoss JNDI service allowed unauthenticated, remote\nwrite access by default. The JNDI and HA-JNDI services, and the\nHAJNDIFactory invoker servlet were all affected. A remote attacker able to\naccess the JNDI service (port 1099), HA-JNDI service (port 1100), or the\nHAJNDIFactory invoker servlet on a JBoss server could use this flaw to add,\ndelete, and modify items in the JNDI tree. This could have various,\napplication-specific impacts. (CVE-2011-4605)\n\nA flaw was found in the way the Apache Xerces2 Java Parser processed the\nSYSTEM identifier in DTDs. A remote attacker could provide a\nspecially-crafted XML file, which once parsed by an application using the\nApache Xerces2 Java Parser, would lead to a denial of service (application\nhang due to excessive CPU use). (CVE-2009-2625)\n\nIt was found that the JMX Console did not protect against Cross-Site\nRequest Forgery (CSRF) attacks. If a remote attacker could trick a user,\nwho was logged into the JMX Console, into visiting a specially-crafted URL,\nthe attacker could perform operations on MBeans, which may lead to\narbitrary code execution in the context of the JBoss server process.\n(CVE-2011-2908)\n\nA flaw was found in the way Apache POI, a Java API for manipulating files\ncreated with a Microsoft Office application, handled memory when processing\ncertain Channel Definition Format (CDF) and Compound File Binary Format\n(CFBF) documents. A remote attacker could provide a specially-crafted CDF\nor CFBF document to an application using Apache POI, leading to a denial of\nservice. (CVE-2012-0213)\n\nWhen a JBoss server is configured to use JaccAuthorizationRealm, the\nWebPermissionMapping class creates permissions that are not checked and can\npermit access to users without checking their roles. If the\nignoreBaseDecision property is set to true on JBossWebRealm, the web\nauthorization process is handled exclusively by JBossAuthorizationEngine,\nwithout any input from JBoss Web. This allows any valid user to access an\napplication, without needing to be assigned the role specified in the\napplication\u0027s web.xml \"security-constraint\" tag. (CVE-2012-1167)\n\nWhen a JGroups channel is started, the JGroups diagnostics service would be\nenabled by default with no authentication. This service is exposed via IP\nmulticast. An attacker on an adjacent network could exploit this flaw to\nread diagnostics information. (CVE-2012-2377)\n\nRed Hat would like to thank Christian Schl\u00fcter (VIADA) for reporting the\nCVE-2011-4605 issue.\n\nWarning: Before applying this update, back up all applications deployed on\nJBoss Enterprise Portal Platform, along with all customized configuration\nfiles, and any databases and database settings.\n\nAll users of JBoss Enterprise Portal Platform 5.2.1 as provided from the\nRed Hat Customer Portal are advised to upgrade to JBoss Enterprise Portal\nPlatform 5.2.2.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2012:1232",
"url": "https://access.redhat.com/errata/RHSA-2012:1232"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jbportal\u0026downloadType=distributions",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jbportal\u0026downloadType=distributions"
},
{
"category": "external",
"summary": "https://access.redhat.com/knowledge/docs/",
"url": "https://access.redhat.com/knowledge/docs/"
},
{
"category": "external",
"summary": "512921",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=512921"
},
{
"category": "external",
"summary": "730176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=730176"
},
{
"category": "external",
"summary": "766469",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=766469"
},
{
"category": "external",
"summary": "799078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=799078"
},
{
"category": "external",
"summary": "802622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=802622"
},
{
"category": "external",
"summary": "823392",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=823392"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2012/rhsa-2012_1232.json"
}
],
"title": "Red Hat Security Advisory: JBoss Enterprise Portal Platform 5.2.2 update",
"tracking": {
"current_release_date": "2024-09-15T20:01:49+00:00",
"generator": {
"date": "2024-09-15T20:01:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2012:1232",
"initial_release_date": "2012-09-05T16:26:00+00:00",
"revision_history": [
{
"date": "2012-09-05T16:26:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2012-09-05T16:25:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-15T20:01:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Portal 5.2",
"product": {
"name": "Red Hat JBoss Portal 5.2",
"product_id": "Red Hat JBoss Portal 5.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_portal_platform:5.2"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Middleware"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-2625",
"discovery_date": "2009-07-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "512921"
}
],
"notes": [
{
"category": "description",
"text": "XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: XML parsing Denial-Of-Service (6845701)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Portal 5.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-2625"
},
{
"category": "external",
"summary": "RHBZ#512921",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=512921"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-2625",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2625"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2625",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2625"
}
],
"release_date": "2009-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up all\napplications deployed on JBoss Enterprise Portal Platform, along with all\ncustomized configuration files, and any databases and database settings.",
"product_ids": [
"Red Hat JBoss Portal 5.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1232"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"Red Hat JBoss Portal 5.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: XML parsing Denial-Of-Service (6845701)"
},
{
"cve": "CVE-2011-2908",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2007-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "730176"
}
],
"notes": [
{
"category": "description",
"text": "Cross-site request forgery (CSRF) vulnerability in the JMX Console (jmx-console) in JBoss Enterprise Portal Platform before 5.2.2, BRMS Platform 5.3.0 before roll up patch1, and SOA Platform 5.3.0 allows remote authenticated users to hijack the authentication of arbitrary users for requests that perform operations on MBeans and possibly execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CSRF on jmx-console allows invocation of operations on mbeans",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Portal 5.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2908"
},
{
"category": "external",
"summary": "RHBZ#730176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=730176"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2908",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2908"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2908",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2908"
}
],
"release_date": "2007-02-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up all\napplications deployed on JBoss Enterprise Portal Platform, along with all\ncustomized configuration files, and any databases and database settings.",
"product_ids": [
"Red Hat JBoss Portal 5.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1232"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"Red Hat JBoss Portal 5.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "CSRF on jmx-console allows invocation of operations on mbeans"
},
{
"acknowledgments": [
{
"names": [
"Christian Schl\u00fcter"
],
"organization": "VIADA"
}
],
"cve": "CVE-2011-4605",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"discovery_date": "2011-12-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "766469"
}
],
"notes": [
{
"category": "description",
"text": "The (1) JNDI service, (2) HA-JNDI service, and (3) HAJNDIFactory invoker servlet in JBoss Enterprise Application Platform 4.3.0 CP10 and 5.1.2, Web Platform 5.1.2, SOA Platform 4.2.0.CP05 and 4.3.0.CP05, Portal Platform 4.3 CP07 and 5.2.x before 5.2.2, and BRMS Platform before 5.3.0 do not properly restrict write access, which allows remote attackers to add, delete, or modify items in a JNDI tree via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JNDI: unauthenticated remote write access is permitted by default",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Portal 5.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-4605"
},
{
"category": "external",
"summary": "RHBZ#766469",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=766469"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-4605",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4605"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-4605",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4605"
}
],
"release_date": "2012-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up all\napplications deployed on JBoss Enterprise Portal Platform, along with all\ncustomized configuration files, and any databases and database settings.",
"product_ids": [
"Red Hat JBoss Portal 5.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1232"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"Red Hat JBoss Portal 5.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JNDI: unauthenticated remote write access is permitted by default"
},
{
"cve": "CVE-2012-0213",
"discovery_date": "2012-03-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "799078"
}
],
"notes": [
{
"category": "description",
"text": "The UnhandledDataStructure function in hwpf/model/UnhandledDataStructure.java in Apache POI 3.8 and earlier allows remote attackers to cause a denial of service (OutOfMemoryError exception and possibly JVM destabilization) via a crafted length value in a Channel Definition Format (CDF) or Compound File Binary Format (CFBF) document.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jakarta: JVM destabilization due to memory exhaustion when processing CDF/CFBF files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Portal 5.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-0213"
},
{
"category": "external",
"summary": "RHBZ#799078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=799078"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-0213",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0213"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-0213",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0213"
}
],
"release_date": "2012-05-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up all\napplications deployed on JBoss Enterprise Portal Platform, along with all\ncustomized configuration files, and any databases and database settings.",
"product_ids": [
"Red Hat JBoss Portal 5.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1232"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"Red Hat JBoss Portal 5.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jakarta: JVM destabilization due to memory exhaustion when processing CDF/CFBF files"
},
{
"cve": "CVE-2012-1167",
"discovery_date": "2012-03-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "802622"
}
],
"notes": [
{
"category": "description",
"text": "The JBoss Server in JBoss Enterprise Application Platform 5.1.x before 5.1.2 and 5.2.x before 5.2.2, Web Platform before 5.1.2, BRMS Platform before 5.3.0, and SOA Platform before 5.3.0, when the server is configured to use the JaccAuthorizationRealm and the ignoreBaseDecision property is set to true on the JBossWebRealm, does not properly check the permissions created by the WebPermissionMapping class, which allows remote authenticated users to access arbitrary applications.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JBoss: authentication bypass when running under JACC with ignoreBaseDecision on JBossWebRealm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Portal 5.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-1167"
},
{
"category": "external",
"summary": "RHBZ#802622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=802622"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-1167",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-1167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-1167"
}
],
"release_date": "2012-06-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up all\napplications deployed on JBoss Enterprise Portal Platform, along with all\ncustomized configuration files, and any databases and database settings.",
"product_ids": [
"Red Hat JBoss Portal 5.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1232"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"Red Hat JBoss Portal 5.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JBoss: authentication bypass when running under JACC with ignoreBaseDecision on JBossWebRealm"
},
{
"acknowledgments": [
{
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2012-2377",
"discovery_date": "2012-05-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "823392"
}
],
"notes": [
{
"category": "description",
"text": "JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before 5.3.0, and BRMS Platform before 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent networks to read diagnostics information via a crafted IP multicast.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JGroups diagnostics service enabled by default with no authentication when a JGroups channel is started",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Portal 5.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-2377"
},
{
"category": "external",
"summary": "RHBZ#823392",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=823392"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-2377",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2377"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-2377",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2377"
}
],
"release_date": "2012-06-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up all\napplications deployed on JBoss Enterprise Portal Platform, along with all\ncustomized configuration files, and any databases and database settings.",
"product_ids": [
"Red Hat JBoss Portal 5.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1232"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"Red Hat JBoss Portal 5.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "JGroups diagnostics service enabled by default with no authentication when a JGroups channel is started"
}
]
}
Loading...