Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Jboss EAP Permissions Privileges and Access Controls Vulnerability - CVE-2012-4550 - Vulnerability Database
Jboss EAP

Jboss EAP Permissions Privileges and Access Controls Vulnerability - CVE-2012-4550

Medium
Reference: CVE-2012-4550
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2012-4550
Title: Jboss EAP Permissions Privileges and Access Controls Vulnerability
Overview:

JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) before 6.0.1 when using role-based authorization for Enterprise Java Beans (EJB) access does not call the intended authorization modules which prevents JACC permissions from being applied and allows remote attackers to obtain access to the EJB.