JGroups diagnostics service in JBoss Enterprise Portal Platform prior to 5.2.2, SOA Platform prior to 5.3.0, and BRMS Platform prior to 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent networks to read diagnostics information via a crafted IP multicast.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat jboss enterprise portal platform 5.1.1 |
||
redhat jboss enterprise portal platform 5.1.0 |
||
redhat jboss enterprise portal platform |
||
redhat jboss enterprise portal platform 5.2.0 |
||
redhat jboss enterprise portal platform 4.3.0 |
||
redhat jboss enterprise portal platform 5.0.1 |
||
redhat jboss enterprise portal platform 5.0.0 |
||
redhat jboss enterprise soa platform 5.1.1 |
||
redhat jboss enterprise soa platform 5.1.0 |
||
redhat jboss enterprise soa platform 4.2.0 |
||
redhat jboss enterprise soa platform |
||
redhat jboss enterprise soa platform 4.3.0 |
||
redhat jboss enterprise soa platform 5.0.0 |
||
redhat jboss enterprise soa platform 5.0.2 |
||
redhat jboss enterprise soa platform 5.0.1 |
||
redhat jboss enterprise brms platform |