| Max CVSS | 7.5 | Min CVSS | 3.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2011-4605 | 7.5 |
The (1) JNDI service, (2) HA-JNDI service, and (3) HAJNDIFactory invoker servlet in JBoss Enterprise Application Platform 4.3.0 CP10 and 5.1.2, Web Platform 5.1.2, SOA Platform 4.2.0.CP05 and 4.3.0.CP05, Portal Platform 4.3 CP07 and 5.2.x before 5.2.
|
13-02-2023 - 00:22 | 23-11-2012 - 20:55 | |
| CVE-2011-4085 | 6.8 |
The servlets invoked by httpha-invoker in JBoss Enterprise Application Platform before 5.1.2, SOA Platform before 5.2.0, BRMS Platform before 5.3.0, and Portal Platform before 4.3 CP07 perform access control only for the GET and POST methods, which a
|
13-02-2023 - 00:20 | 23-11-2012 - 20:55 | |
| CVE-2012-1167 | 4.6 |
The JBoss Server in JBoss Enterprise Application Platform 5.1.x before 5.1.2 and 5.2.x before 5.2.2, Web Platform before 5.1.2, BRMS Platform before 5.3.0, and SOA Platform before 5.3.0, when the server is configured to use the JaccAuthorizationRealm
|
29-08-2017 - 01:31 | 23-11-2012 - 20:55 | |
| CVE-2012-2377 | 3.3 |
JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before 5.3.0, and BRMS Platform before 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent
|
29-08-2017 - 01:31 | 23-11-2012 - 20:55 |