CVE-2012-3370
N/A
N/A
Summary
The SecurityAssociation.getCredential method in JBoss Enterprise Application Platform (EAP) before 5.2.0, Web Platform (EWP) before 5.2.0, BRMS Platform before 5.3.1, and SOA Platform before 5.3.1 returns the credentials of the previous user when a security context is not provided, which allows remote attackers to gain privileges as other users.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=836456
- https://exchange.xforce.ibmcloud.com/vulnerabilities/81513
- http://rhn.redhat.com/errata/RHSA-2013-0192.html
- http://rhn.redhat.com/errata/RHSA-2013-0198.html
- http://rhn.redhat.com/errata/RHSA-2013-0195.html
- http://rhn.redhat.com/errata/RHSA-2013-0221.html
- http://www.osvdb.org/89581
- http://rhn.redhat.com/errata/RHSA-2013-0196.html
- http://www.securityfocus.com/bid/57550
- http://rhn.redhat.com/errata/RHSA-2013-0193.html
- http://secunia.com/advisories/51984
- http://securitytracker.com/id?1028042
- http://secunia.com/advisories/52054
- http://rhn.redhat.com/errata/RHSA-2013-0191.html
- http://rhn.redhat.com/errata/RHSA-2013-0533.html
- http://rhn.redhat.com/errata/RHSA-2013-0197.html
- http://rhn.redhat.com/errata/RHSA-2013-0194.html
References
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=836456
- https://exchange.xforce.ibmcloud.com/vulnerabilities/81513
- http://rhn.redhat.com/errata/RHSA-2013-0192.html
- http://rhn.redhat.com/errata/RHSA-2013-0198.html
- http://rhn.redhat.com/errata/RHSA-2013-0195.html
- http://rhn.redhat.com/errata/RHSA-2013-0221.html
- http://www.osvdb.org/89581
- http://rhn.redhat.com/errata/RHSA-2013-0196.html
- http://www.securityfocus.com/bid/57550
- http://rhn.redhat.com/errata/RHSA-2013-0193.html
- http://secunia.com/advisories/51984
- http://securitytracker.com/id?1028042
- http://secunia.com/advisories/52054
- http://rhn.redhat.com/errata/RHSA-2013-0191.html
- http://rhn.redhat.com/errata/RHSA-2013-0533.html
- http://rhn.redhat.com/errata/RHSA-2013-0197.html
- http://rhn.redhat.com/errata/RHSA-2013-0194.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.