Red Hat Jboss Application Server 7.0.0 Beta 1

CPE Details

Red Hat Jboss Application Server 7.0.0 Beta 1
redhat
jboss_application_server
7.0.0
2019-12-12
13h42 +00:00
2019-12-12
13h42 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:redhat:jboss_application_server:7.0.0:beta1:*:*:*:*:*:*

Informations

Vendor

redhat

Product

jboss_application_server

Version

7.0.0

Update

beta1

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2012-1094 2020-03-10 15h19 +00:00 JBoss AS 7 prior to 7.1.1 and mod_cluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed.
7.5
Haute
CVE-2011-3609 2019-11-26 01h03 +00:00 A CSRF issue was found in JBoss Application Server 7 before 7.1.0. JBoss did not properly restrict access to the management console information (for example via the "Access-Control-Allow-Origin" HTTP access control flag). This can lead to unauthorized information leak if a user with admin privileges visits a specially-crafted web page provided by a remote attacker.
6.5
Moyen
CVE-2011-3606 2019-11-26 00h43 +00:00 A DOM based cross-site scripting flaw was found in the JBoss Application Server 7 before 7.1.0 Beta 1 administration console. A remote attacker could provide a specially-crafted web page and trick the valid JBoss AS user, with the administrator privilege, to visit it, which would lead into the DOM environment modification and arbitrary HTML or web script execution.
5.4
Moyen