CVE-2012-5626

Summary

EJB method in Red Hat JBoss BRMS 5; Red Hat JBoss Enterprise Application Platform 5; Red Hat JBoss Operations Network 3.1; Red Hat JBoss Portal 4 and 5; Red Hat JBoss SOA Platform 4.2, 4.3, and 5; in Red Hat JBoss Enterprise Web Server 1 ignores roles specified using the @RunAs annotation.

Affected Software

VendorProductVersion RangeStatus
Red HatJBoss BRMS5affected
Red HatJBoss Enterprise Application Platform5affected
Red HatJBoss Operations Network3.1affected
Red HatJBoss Portal4affected
Red HatJBoss Portal5affected
Red HatJBoss SOA Platform4.2affected
Red HatJBoss SOA Platform4.3affected
Red HatJBoss SOA Platform5affected
Red HatJBoss Enterprise Web Server1affected

Weaknesses

  • Other

ADP Enrichment

CVE Program Container

Additional References

References