Vulnerability in Redhat Jboss_seam_2_framework

CVE-2013-6448

The InterfaceGenerator handler in JBoss Seam Remoting in JBoss Seam 2 framework 2.3.1 and earlier, as used in JBoss Web Framework Kit, allows remote attackers to bypass the WebRemote annotation restriction and obtain information about arbi…

EPSS: 0.003 (49.8th percentile) — read the EPSS interpretation.

Affected products

Redhat Jboss_seam_2_framework — versions 2.0.0, 2.0.1, 2.0.2
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

1029652 (vdb-entry, x_refsource_SECTRACK)
secalert@redhat.com (x_refsource_CONFIRM)
secalert@redhat.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
56572 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
RHSA-2014:0045 (x_refsource_REDHAT, vendor-advisory, Vendor Advisory)