CVE-2012-5629

Published: 12/03/2013 Updated: 13/02/2023
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

The default configuration of the (1) LdapLoginModule and (2) LdapExtLoginModule modules in JBoss Enterprise Application Platform (EAP) 4.3.0 CP10, 5.2.0, and 6.0.1, and Enterprise Web Platform (EWP) 5.2.0 allows remote malicious users to bypass authentication via an empty password.

Vulnerable Product

redhat jboss enterprise web platform 5.2.0

redhat jboss enterprise application platform 6.0.1

redhat jboss enterprise application platform 4.3.0

redhat jboss enterprise application platform 5.2.0

Vendor Advisories

Synopsis: Important: JBoss Enterprise Application Platform 4.3.0 CP10 security update. Type/Severity: Security Advisory: Important. Topic: Updated JBoss Enterprise Application Platform 4.3.0 CP10 packages that fix one security issue are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Respo ...

Synopsis: Important: JBoss Enterprise Application Platform 6.0.1 security update. Type/Severity: Security Advisory: Important. Topic: An update for JBoss Enterprise Application Platform 6.0.1 which fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has ra ...

Synopsis: Important: JBoss Enterprise Application Platform 6.0.1 security update. Type/Severity: Security Advisory: Important. Topic: Updated JBoss Enterprise Application Platform 6.0.1 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team h ...

Synopsis: Important: jbosssx security update. Type/Severity: Security Advisory: Important. Topic: An update for JBoss Enterprise BRMS Platform 531, JBoss Enterprise Portal Platform 430 CP07 and 522, and JBoss Enterprise SOA Platform 420 CP05, and 430 CP05 which fixes one security issue is now available f ...

Synopsis: Important: JBoss Enterprise Application Platform 4.3.0 CP10 security update. Type/Severity: Security Advisory: Important. Topic: An update for JBoss Enterprise Application Platform 4.3.0 CP10 which fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response T ...

Synopsis: Important: JBoss Enterprise SOA Platform 531 update. Type/Severity: Security Advisory: Important. Topic: JBoss Enterprise SOA Platform 531, which fixes multiple security issues, various bugs, and adds enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team h ...