PT-2012-5507 · Red Hat+1 · Jboss+1

Publicado

2012-08-22

·

Atualizado

2017-01-20

·

CVE-2012-4599

CVSS v2.0

10

Alta

VetorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions McAfee SmartFilter Administration versions prior to 4.2.1.01 McAfee SmartFilter Administration Bess Edition versions prior to 4.2.1.01
Description The issue allows remote attackers to execute arbitrary code via a crafted .war file, due to the lack of authentication requirement for access to the JBoss Remote Method Invocation (RMI) interface.
Recommendations For McAfee SmartFilter Administration versions prior to 4.2.1.01, update to version 4.2.1.01 or later. For McAfee SmartFilter Administration Bess Edition versions prior to 4.2.1.01, update to version 4.2.1.01 or later.

Correção

Improper Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-287

Identificadores relacionados

CVE-2012-4599

Produtos afetados

Jboss
Mcafee Smartfilter Administration