Back to search
CVE-2012-2377
Published: Nov 23, 2012
Modified: Aug 6, 2024
PUBLISHED
Description
JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before 5.3.0, and BRMS Platform before 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent networks to read diagnostics information via a crafted IP multicast.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2012:1028
vendor-advisory
x_refsource_REDHAT
54183
vdb-entry
x_refsource_BID
RHSA-2013:0192
vendor-advisory
x_refsource_REDHAT
RHSA-2013:0198
vendor-advisory
x_refsource_REDHAT
RHSA-2013:0195
vendor-advisory
x_refsource_REDHAT
RHSA-2013:0196
vendor-advisory
x_refsource_REDHAT
50084
third-party-advisory
x_refsource_SECUNIA
83085
vdb-entry
x_refsource_OSVDB
jboss-jgroups-info-disc(76540)
vdb-entry
x_refsource_XF
RHSA-2013:0193
vendor-advisory
x_refsource_REDHAT
51984
third-party-advisory
x_refsource_SECUNIA
50549
third-party-advisory
x_refsource_SECUNIA
RHSA-2013:0191
vendor-advisory
x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=823392
x_refsource_MISC
49669
third-party-advisory
x_refsource_SECUNIA
RHSA-2012:1232
vendor-advisory
x_refsource_REDHAT
RHSA-2013:0197
vendor-advisory
x_refsource_REDHAT
RHSA-2013:0194
vendor-advisory
x_refsource_REDHAT
RHSA-2012:1125
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now