Vulnerability in Redhat Jboss_enterprise_application_platform
CVE-2012-5629
The default configuration of the (1) LdapLoginModule and (2) LdapExtLoginModule modules in JBoss Enterprise Application Platform (EAP) 4.3.0 CP10, 5.2.0, and 6.0.1, and Enterprise Web Platform (EWP) 5.2.0 allow remote attackers to bypass a…
EPSS: 0.008 (74.2th percentile) — read the EPSS interpretation.
Affected products
- Redhat Jboss_enterprise_application_platform — versions 4.3.0, 5.2.0, 6.0.1
- Redhat Jboss_enterprise_web_platform — versions 5.2.0
- N/a — versions n/a
Weakness classification (CWE)
References
- RHSA-2013:0234 (x_refsource_REDHAT, vendor-advisory, Vendor Advisory)
- RHSA-2013:0586 (x_refsource_REDHAT, vendor-advisory)
- RHSA-2013:0248 (x_refsource_REDHAT, vendor-advisory, Vendor Advisory)
- secalert@redhat.com (x_refsource_MISC)
- RHSA-2013:0229 (x_refsource_REDHAT, vendor-advisory, Vendor Advisory)
- RHSA-2013:0230 (x_refsource_REDHAT, vendor-advisory, Vendor Advisory)
- RHSA-2013:0232 (x_refsource_REDHAT, vendor-advisory, Vendor Advisory)
- RHSA-2013:0533 (x_refsource_REDHAT, vendor-advisory)
- RHSA-2013:0231 (x_refsource_REDHAT, vendor-advisory, Vendor Advisory)
- RHSA-2013:0233 (x_refsource_REDHAT, vendor-advisory, Vendor Advisory)