Vulnerability in Redhat Jboss_operations_network

CVE-2011-4573

Red Hat JBoss Operations Network (JON) before 2.4.2 does not properly enforce "modify resource" permissions for remote authenticated users when deleting a plug-in configuration update from the group connection properties history, which pre…

EPSS: 0.001 (32.0th percentile) — read the EPSS interpretation.

Affected products

Redhat Jboss_operations_network — versions 1.0.0, 2.0.0, 2.0.1
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

secalert@redhat.com (x_refsource_CONFIRM)
RHSA-2012:0089 (x_refsource_REDHAT, vendor-advisory, Vendor Advisory)