Описание
Red Hat JBoss Operations Network (JON) before 2.4.2 and 3.0.x before 3.0.1 allows remote attackers to hijack agent sessions via an agent registration request without a security token.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.4.1 (включая)
Одно из
cpe:2.3:a:redhat:jboss_operations_network:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_operations_network:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_operations_network:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_operations_network:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_operations_network:2.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_operations_network:2.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_operations_network:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_operations_network:2.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_operations_network:3.0:*:*:*:*:*:*:*
EPSS
Процентиль: 50%
0.00274
Низкий
5.8 Medium
CVSS2
Дефекты
CWE-287
Связанные уязвимости
redhat
около 14 лет назад
Red Hat JBoss Operations Network (JON) before 2.4.2 and 3.0.x before 3.0.1 allows remote attackers to hijack agent sessions via an agent registration request without a security token.
github
почти 4 года назад
Red Hat JBoss Operations Network (JON) before 2.4.2 and 3.0.x before 3.0.1 allows remote attackers to hijack agent sessions via an agent registration request without a security token.
EPSS
Процентиль: 50%
0.00274
Низкий
5.8 Medium
CVSS2
Дефекты
CWE-287