redhat jboss enterprise application platform vulnerabilities and exploits
4
CVSSv2
CVE-2021-20250
A flaw was found in wildfly. The JBoss EJB client has publicly accessible privileged actions which may lead to information disclosure on the server it is deployed on. The highest threat from this vulnerability is to data confidentiality.
Redhat Jboss Enterprise Application Platform Expansion Pack -
Redhat Jboss-ejb-client
4.3
CVSSv2
CVE-2022-0866
This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal. In particular, the org.jboss.as.ejb3.component.EJBComponent class has an incomingRunAsIdentity field. This field ...
Redhat Openstack Platform 13.0
Redhat Wildfly
Redhat Jboss Enterprise Application Platform
5
CVSSv2
CVE-2022-0853
A flaw was found in JBoss-client. The vulnerability occurs due to a memory leak on the JBoss client side when using UserTransaction repeatedly, and leads to an information leakage vulnerability.
Redhat Decision Manager 7.0
Redhat Jboss Enterprise Application Platform 7.0.0
Redhat Jboss Enterprise Application Platform Expansion Pack -
Redhat Process Automation 7.0
Redhat Single Sign-on 7.0
1 Github repository
7.5
CVSSv2
CVE-2011-4608
mod_cluster in JBoss Enterprise Application Platform 5.1.2 for Red Hat Linux allows worker nodes to register with arbitrary virtual hosts, which allows remote malicious users to bypass intended access restrictions and provide malicious content, hijack sessions, and steal credenti...
Redhat Jboss Enterprise Application Platform 5.1.2
2.6
CVSSv2
CVE-2016-9585
Red Hat JBoss EAP version 5 is vulnerable to deserialization of untrusted data in the JMX endpoint when it deserializes the credentials passed to it. An attacker could exploit this vulnerability resulting in a denial of service attack.
Redhat Jboss Enterprise Application Platform 5.0.0
4.9
CVSSv2
CVE-2014-3472
The isCallerInRole function in SimpleSecurityManager in JBoss Application Server (AS) 7, as used in Red Hat JBoss Enterprise Application Platform (JBEAP) 6.3.0, does not properly check caller roles, which allows remote authenticated users to bypass access restrictions via unspeci...
Redhat Jboss Enterprise Application Platform 6.3.0
7.5
CVSSv2
CVE-2017-7503
It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.
Redhat Jboss Enterprise Application Platform 7.0.5
4.3
CVSSv2
CVE-2010-3878
Cross-site request forgery (CSRF) vulnerability in the JMX Console in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3 prior to 4.3.0.CP09 allows remote malicious users to hijack the authentication of administrators for requests that deploy WAR files.
Redhat Jboss Enterprise Application Platform 4.3.0
6.4
CVSSv2
CVE-2012-4550
JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) prior to 6.0.1, when using role-based authorization for Enterprise Java Beans (EJB) access, does not call the intended authorization modules, which prevents JACC permissions from being applied and allows remote malici...
Redhat Jboss Enterprise Application Platform 6.0.0
2.1
CVSSv2
CVE-2012-3427
EC2 Amazon Machine Image (AMI) in JBoss Enterprise Application Platform (EAP) 5.1.2 uses 755 permissions for /var/cache/jboss-ec2-eap/, which allows local users to read sensitive information such as Amazon Web Services (AWS) credentials by reading files in the directory.
Redhat Jboss Enterprise Application Platform 5.1.2