JBoss Operations Network Multiple Security Bypass Vulnerabilities
BID:51827
Info
JBoss Operations Network Multiple Security Bypass Vulnerabilities
| Bugtraq ID: | 51827 |
| Class: | Access Validation Error |
| CVE: |
CVE-2011-4573 CVE-2012-0052 CVE-2012-0062 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 02 2012 12:00AM |
| Updated: | Feb 02 2012 12:00AM |
| Credit: | Reported by the vendor. |
| Vulnerable: |
Red Hat JBoss Operations Network 2.4.1 |
| Not Vulnerable: |
Red Hat JBoss Operations Network 2.4.2 |
Discussion
JBoss Operations Network Multiple Security Bypass Vulnerabilities
JBoss Operations Network is prone to multiple security-bypass vulnerabilities.
Successful exploits can allow attackers to bypass certain security restrictions and access sensitive information or perform unauthorized actions; other attacks may also be possible.
Versions prior to JBoss Operations Network 2.4.2 are affected.
JBoss Operations Network is prone to multiple security-bypass vulnerabilities.
Successful exploits can allow attackers to bypass certain security restrictions and access sensitive information or perform unauthorized actions; other attacks may also be possible.
Versions prior to JBoss Operations Network 2.4.2 are affected.
Exploit / POC
JBoss Operations Network Multiple Security Bypass Vulnerabilities
Attackers can exploit these issues through a browser.
Attackers can exploit these issues through a browser.
Solution / Fix
JBoss Operations Network Multiple Security Bypass Vulnerabilities
Solution:
Updates are available; please see the references for more information.
Solution:
Updates are available; please see the references for more information.
References
JBoss Operations Network Multiple Security Bypass Vulnerabilities
References:
References:
- JBoss Operations Network Homepage (Red Hat)