Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Jboss EAP Permissions Privileges and Access Controls Vulnerability - CVE-2011-4608 - Vulnerability Database
Jboss EAP

Jboss EAP Permissions Privileges and Access Controls Vulnerability - CVE-2011-4608

High
Reference: CVE-2011-4608
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2011-4608
Title: Jboss EAP Permissions Privileges and Access Controls Vulnerability
Overview:

mod_cluster in JBoss Enterprise Application Platform 5.1.2 for Red Hat Linux allows worker nodes to register with arbitrary virtual hosts which allows remote attackers to bypass intended access restrictions and provide malicious content hijack sessions and steal credentials by registering from an external vhost that does not enforce security constraints.