Back to search
CVE-2012-5629
Published: Mar 12, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
The default configuration of the (1) LdapLoginModule and (2) LdapExtLoginModule modules in JBoss Enterprise Application Platform (EAP) 4.3.0 CP10, 5.2.0, and 6.0.1, and Enterprise Web Platform (EWP) 5.2.0 allow remote attackers to bypass authentication via an empty password.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2013:0234
vendor-advisory
x_refsource_REDHAT
RHSA-2013:0586
vendor-advisory
x_refsource_REDHAT
RHSA-2013:0248
vendor-advisory
x_refsource_REDHAT
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=885569
x_refsource_MISC
RHSA-2013:0229
vendor-advisory
x_refsource_REDHAT
RHSA-2013:0230
vendor-advisory
x_refsource_REDHAT
RHSA-2013:0232
vendor-advisory
x_refsource_REDHAT
RHSA-2013:0533
vendor-advisory
x_refsource_REDHAT
RHSA-2013:0231
vendor-advisory
x_refsource_REDHAT
RHSA-2013:0233
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now