Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2012-1100

Опубликовано: 14 фев. 2014
Источник: nvd
CVSS2: 5.8
EPSS Низкий

Описание

Red Hat JBoss Operations Network (JON) 3.0.x before 3.0.1, 2.4.2, and earlier, when LDAP authentication is enabled and the LDAP bind account credentials are invalid, allows remote attackers to login to LDAP-based accounts via an arbitrary password in a login request.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:jboss_operations_network:*:*:*:*:*:*:*:*
Версия до 2.4.1 (включая)
cpe:2.3:a:redhat:jboss_operations_network:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_operations_network:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_operations_network:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_operations_network:2.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_operations_network:2.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_operations_network:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_operations_network:2.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_operations_network:3.0:*:*:*:*:*:*:*

EPSS

Процентиль: 53%
0.00305
Низкий

5.8 Medium

CVSS2

Дефекты

CWE-287

Связанные уязвимости

redhat логотип

CVE-2012-1100

redhat
почти 14 лет назад

Red Hat JBoss Operations Network (JON) 3.0.x before 3.0.1, 2.4.2, and earlier, when LDAP authentication is enabled and the LDAP bind account credentials are invalid, allows remote attackers to login to LDAP-based accounts via an arbitrary password in a login request.

github логотип

GHSA-vffv-j7h7-crc3

github
больше 3 лет назад

Red Hat JBoss Operations Network (JON) 3.0.x before 3.0.1, 2.4.2, and earlier, when LDAP authentication is enabled and the LDAP bind account credentials are invalid, allows remote attackers to login to LDAP-based accounts via an arbitrary password in a login request.

EPSS

Процентиль: 53%
0.00305
Низкий

5.8 Medium

CVSS2

Дефекты

CWE-287