Back to search
CVE-2012-4572
Published: Oct 28, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
Red Hat JBoss Enterprise Application Platform (EAP) before 6.1.0 and JBoss Portal before 6.1.0 does not load the implementation of a custom authorization module for a new application when an implementation is already loaded and the modules share class names, which allows local users to control certain applications' authorization decisions via a crafted application.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2013:0833
vendor-advisory
x_refsource_REDHAT
RHSA-2013:1437
vendor-advisory
x_refsource_REDHAT
RHSA-2013:0834
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now