PT-2014-2201 · Red Hat · Red Hat Jboss Operations Network
David Jorm
·
Publicado
2014-02-14
·
Atualizado
2014-02-14
·
CVE-2012-0052
CVSS v2.0
5.8
Média
| Vetor | AV:N/AC:M/Au:N/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Red Hat JBoss Operations Network (JON) versions prior to 2.4.2
Red Hat JBoss Operations Network (JON) versions 3.0.x prior to 3.0.1
Description
The issue allows remote attackers to spoof the identity of arbitrary agents via the registered agent name, as the JON agent key is not checked.
Recommendations
For versions prior to 2.4.2, update to version 2.4.2 or later.
For versions 3.0.x prior to 3.0.1, update to version 3.0.1 or later.
Correção
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Red Hat Jboss Operations Network