Jboss EAP Permissions Privileges and Access Controls Vulnerability - CVE-2012-5629 - Vulnerability Database

Jboss EAP Permissions Privileges and Access Controls Vulnerability - CVE-2012-5629

High

Reference: CVE-2012-5629

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2012-5629

Title: Jboss EAP Permissions Privileges and Access Controls Vulnerability

Overview:

The default configuration of the (1) LdapLoginModule and (2) LdapExtLoginModule modules in JBoss Enterprise Application Platform (EAP) 4.3.0 CP10 5.2.0 and 6.0.1 and Enterprise Web Platform (EWP) 5.2.0 allow remote attackers to bypass authentication via an empty password.