Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat jboss enterprise brms platform vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2012-0874
The (1) JMXInvokerHAServlet and (2) EJBInvokerHAServlet invoker servlets in JBoss Enterprise Application Platform (EAP) prior to 5.2.0, Web Platform (EWP) prior to 5.2.0, BRMS Platform prior to 5.3.1, and SOA Platform prior to 5.3.1 do not require authentication by default in cer...
Redhat Jboss Enterprise Application Platform 5.2.0
Redhat Jboss Enterprise Web Platform 5.2.0
Redhat Jboss Enterprise Brms Platform
1 EDB exploit
2.1
CVSSv2
CVE-2012-0034
The NonManagedConnectionFactory in JBoss Enterprise Application Platform (EAP) 5.1.2 and 5.2.0, Web Platform (EWP) 5.1.2 and 5.2.0, and BRMS Platform prior to 5.3.1 logs the username and password in cleartext when an exception is thrown, which allows local users to obtain sensiti...
Redhat Jboss Enterprise Application Platform 5.1.2
Redhat Jboss Enterprise Application Platform 5.2.0
Redhat Jboss Enterprise Web Platform 5.2.0
Redhat Jboss Enterprise Web Platform 5.1.2
Redhat Jboss Enterprise Brms Platform
7.5
CVSSv2
CVE-2011-4605
The (1) JNDI service, (2) HA-JNDI service, and (3) HAJNDIFactory invoker servlet in JBoss Enterprise Application Platform 4.3.0 CP10 and 5.1.2, Web Platform 5.1.2, SOA Platform 4.2.0.CP05 and 4.3.0.CP05, Portal Platform 4.3 CP07 and 5.2.x prior to 5.2.2, and BRMS Platform prior t...
Redhat Jboss Enterprise Application Platform 4.3.0
Redhat Jboss Enterprise Application Platform 5.1.2
Redhat Jboss Enterprise Web Platform 5.1.2
Redhat Jboss Enterprise Portal Platform 5.2.1
Redhat Jboss Enterprise Portal Platform 4.3.0
Redhat Jboss Enterprise Brms Platform
Redhat Jboss Enterprise Soa Platform 4.2.0
Redhat Jboss Enterprise Portal Platform 5.2.0
Redhat Jboss Enterprise Soa Platform 4.3.0
6.8
CVSSv2
CVE-2011-4085
The servlets invoked by httpha-invoker in JBoss Enterprise Application Platform prior to 5.1.2, SOA Platform prior to 5.2.0, BRMS Platform prior to 5.3.0, and Portal Platform prior to 4.3 CP07 perform access control only for the GET and POST methods, which allow remote malicious ...
Redhat Jboss Enterprise Application Platform 4.3.0
Redhat Jboss Enterprise Application Platform 5.0.1
Redhat Jboss Enterprise Application Platform 5.1.0
Redhat Jboss Enterprise Application Platform 4.2.0
Redhat Jboss Enterprise Application Platform
Redhat Jboss Enterprise Application Platform 5.0.0
Redhat Jboss Enterprise Soa Platform 4.3.0
Redhat Jboss Enterprise Soa Platform 4.2.0
Redhat Jboss Enterprise Soa Platform 5.0.2
Redhat Jboss Enterprise Soa Platform 5.0.1
Redhat Jboss Enterprise Soa Platform 5.1.0
Redhat Jboss Enterprise Soa Platform
Redhat Jboss Enterprise Soa Platform 5.0.0
Redhat Jboss Enterprise Brms Platform
Redhat Jboss Enterprise Portal Platform
3.3
CVSSv2
CVE-2012-2377
JGroups diagnostics service in JBoss Enterprise Portal Platform prior to 5.2.2, SOA Platform prior to 5.3.0, and BRMS Platform prior to 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent networks to read diagnos...
Redhat Jboss Enterprise Portal Platform 5.1.1
Redhat Jboss Enterprise Portal Platform 5.1.0
Redhat Jboss Enterprise Portal Platform
Redhat Jboss Enterprise Portal Platform 5.2.0
Redhat Jboss Enterprise Portal Platform 4.3.0
Redhat Jboss Enterprise Portal Platform 5.0.1
Redhat Jboss Enterprise Portal Platform 5.0.0
Redhat Jboss Enterprise Soa Platform 5.1.1
Redhat Jboss Enterprise Soa Platform 5.1.0
Redhat Jboss Enterprise Soa Platform 4.2.0
Redhat Jboss Enterprise Soa Platform
Redhat Jboss Enterprise Soa Platform 4.3.0
Redhat Jboss Enterprise Soa Platform 5.0.0
Redhat Jboss Enterprise Soa Platform 5.0.2
Redhat Jboss Enterprise Soa Platform 5.0.1
Redhat Jboss Enterprise Brms Platform
4.6
CVSSv2
CVE-2012-1167
The JBoss Server in JBoss Enterprise Application Platform 5.1.x prior to 5.1.2 and 5.2.x prior to 5.2.2, Web Platform prior to 5.1.2, BRMS Platform prior to 5.3.0, and SOA Platform prior to 5.3.0, when the server is configured to use the JaccAuthorizationRealm and the ignoreBaseD...
Redhat Jboss Enterprise Application Platform 5.1.1
Redhat Jboss Enterprise Application Platform 5.1.0
Redhat Jboss Enterprise Application Platform 5.2.0
Redhat Jboss Enterprise Application Platform 5.2.1
Redhat Jboss Enterprise Soa Platform 5.1.0
Redhat Jboss Enterprise Soa Platform 5.0.2
Redhat Jboss Enterprise Soa Platform 5.0.1
Redhat Jboss Enterprise Soa Platform
Redhat Jboss Enterprise Soa Platform 5.1.1
Redhat Jboss Enterprise Web Platform 5.1.0
Redhat Jboss Enterprise Brms Platform
Redhat Jboss Enterprise Web Platform
Redhat Jboss Enterprise Soa Platform 5.0.0
6
CVSSv2
CVE-2011-2908
Cross-site request forgery (CSRF) vulnerability in the JMX Console (jmx-console) in JBoss Enterprise Portal Platform prior to 5.2.2, BRMS Platform 5.3.0 before roll up patch1, and SOA Platform 5.3.0 allows remote authenticated users to hijack the authentication of arbitrary users...
Redhat Jboss Enterprise Portal Platform 5.0.0
Redhat Jboss Enterprise Portal Platform 5.1.1
Redhat Jboss Enterprise Portal Platform 5.1.0
Redhat Jboss Enterprise Portal Platform
Redhat Jboss Enterprise Brms Platform 5.3.0
Redhat Jboss Enterprise Portal Platform 5.2.0
Redhat Jboss Enterprise Soa Platform 5.3.0
Redhat Jboss Enterprise Portal Platform 5.0.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3