CVE-2011-4573

Name of the Vulnerable Software and Affected Versions Red Hat JBoss Operations Network (JON) versions prior to 2.4.2

Description The issue is related to the improper enforcement of "modify resource" permissions for remote authenticated users. Specifically, when a remote authenticated user deletes a plug-in configuration update from the group connection properties history, the activity is not recorded in the audit trail.

Recommendations For versions prior to 2.4.2, update to version 2.4.2 or later to resolve the issue.