Back to search
CVE-2012-3347
Published: Jun 13, 2012
Modified: Aug 6, 2024
PUBLISHED
Description
AutoFORM PDM Archive before 7.0 implements user accounts in a way that allows for JMX Console authentication, which allows remote authenticated users to bypass intended access restrictions via the /jmx-console URI, and then upload and execute arbitrary JSP code via a JBoss remote-deployment mechanism, a different vulnerability than CVE-2012-1828.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.kb.cert.org/vuls/id/MAPG-8RQL83
x_refsource_CONFIRM
VU#773035
third-party-advisory
x_refsource_CERT-VN
49335
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now