Red Hat JBoss Operations Network (JON) prior to 2.4.2 and 3.0.x prior to 3.0.1 does not check the JON agent key, which allows remote malicious users to spoof the identity of arbitrary agents via the registered agent name.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat jboss operations network |
||
redhat jboss operations network 2.4 |
||
redhat jboss operations network 2.3.1 |
||
redhat jboss operations network 2.3 |
||
redhat jboss operations network 2.2 |
||
redhat jboss operations network 2.1.0 |
||
redhat jboss operations network 2.0.0 |
||
redhat jboss operations network 3.0 |
||
redhat jboss operations network 2.0.1 |