PT-2013-1463 · Red Hat · Brms Platform+3

Tyler Krpata

Publicado

2013-02-05

Atualizado

2023-02-13

CVE-2011-4575

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions JBoss Enterprise Application Platform (EAP) versions prior to 5.2.0 Web Platform (EWP) versions prior to 5.2.0 BRMS Platform versions prior to 5.3.1 SOA Platform versions prior to 5.3.1

Description A cross-site scripting (XSS) issue exists in the JMX console, allowing remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Recommendations For JBoss Enterprise Application Platform (EAP) versions prior to 5.2.0, update to version 5.2.0 or later. For Web Platform (EWP) versions prior to 5.2.0, update to version 5.2.0 or later. For BRMS Platform versions prior to 5.3.1, update to version 5.3.1 or later. For SOA Platform versions prior to 5.3.1, update to version 5.3.1 or later.

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

CVE-2011-4575

RHSA-2013:0191

RHSA-2013:0192

RHSA-2013:0193

RHSA-2013:0195

RHSA-2013:0196

RHSA-2013:0197

Produtos afetados

Brms Platform

Red Hat Jboss Enterprise Application Platform

Soa Platform

Web Platform

PT-2013-1463 · Red Hat · Brms Platform+3

CVE-2011-4575

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 16