Vulnerability in Redhat Jboss_operations_network

CVE-2015-0297

Red Hat JBoss Operations Network 3.3.1 does not properly restrict access to certain APIs, which allows remote attackers to execute arbitrary Java methods via the (1) ServerInvokerServlet or (2) SchedulerService or (3) cause a denial of ser…

EPSS: 0.006 (68.5th percentile) — read the EPSS interpretation.

Affected products

Redhat Jboss_operations_network — versions 3.3.1
N/a — versions n/a

Weakness classification (CWE)

CWE-284 — Improper Access Control

References

RHSA-2015:0862 (x_refsource_REDHAT, vendor-advisory, Vendor Advisory)
1032181 (vdb-entry, x_refsource_SECTRACK)