Vulnerability in Redhat Jboss_enterprise_soa_platform

CVE-2010-2493

The default configuration of the deployment descriptor (aka web.xml) in picketlink-sts.war in (1) the security_saml quickstart, (2) the webservice_proxy_security quickstart, (3) the web-console application, (4) the http-invoker application…

EPSS: 0.000 (15.0th percentile) — read the EPSS interpretation.

Affected products

Redhat Jboss_enterprise_soa_platform — versions 4.3.0, 5.0.0, 4.2.0
N/a — versions n/a

Weakness classification (CWE)

CWE-16

References

secalert@redhat.com (x_refsource_CONFIRM)
secalert@redhat.com (x_refsource_CONFIRM)
40681 (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
secalert@redhat.com (x_refsource_CONFIRM)