Improper input validation in Redhat Jboss_enterprise_service_bus
CVE-2010-2474
JBoss Enterprise Service Bus (ESB) before 4.7 CP02 in JBoss Enterprise SOA Platform before 5.0.2 does not properly consider the security domain with which a service is secured, which might allow remote attackers to gain privileges by execu…
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
EPSS: 0.003 (48.7th percentile) — read the EPSS interpretation.
Affected products
- Redhat Jboss_enterprise_service_bus — versions 4.2.1, 4.5, 4.0
- Redhat Jboss_enterprise_soa_platform — versions 4.3.0, 5.0.0, 5.0.1
- N/a — versions n/a
Weakness classification (CWE)
References
- 40568 (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- 40681 (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- secalert@redhat.com (x_refsource_CONFIRM)
- secalert@redhat.com (x_refsource_CONFIRM)
- secalert@redhat.com (x_refsource_CONFIRM)