CVE-2013-4128
Published: Aug 16, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
Red Hat JBoss Enterprise Application Platform (EAP) 6.1.0 does not properly cache EJB invocations by remote-naming, which allows remote attackers to hijack sessions by using a remoting client.
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | affected n/a |
References
| Reference | Tags |
|---|---|
| RHSA-2013:1152 | vendor-advisory, x_refsource_REDHAT |
| 96217 | vdb-entry, x_refsource_OSVDB |
| 54508 | third-party-advisory, x_refsource_SECUNIA |
| RHSA-2013:1437 | vendor-advisory, x_refsource_REDHAT |
| 1028898 | vdb-entry, x_refsource_SECTRACK |
| RHSA-2013:1151 | vendor-advisory, x_refsource_REDHAT |
| eap-cve20134128-session-hijacking(86386) | vdb-entry, x_refsource_XF |
| https://bugzilla.redhat.com/show_bug.cgi?id=984795 | x_refsource_CONFIRM |