Описание
Red Hat JBoss Operations Network (JON) before 2.4.2 and 3.0.x before 3.0.1 does not check the JON agent key, which allows remote attackers to spoof the identity of arbitrary agents via the registered agent name.
Дополнительная информация
Статус:
Important
https://bugzilla.redhat.com/show_bug.cgi?id=781964JON: Unapproved agents can connect using the name of an existing approved agent
5.8 Medium
CVSS2
Связанные уязвимости
nvd
почти 12 лет назад
Red Hat JBoss Operations Network (JON) before 2.4.2 and 3.0.x before 3.0.1 does not check the JON agent key, which allows remote attackers to spoof the identity of arbitrary agents via the registered agent name.
github
почти 4 года назад
Red Hat JBoss Operations Network (JON) before 2.4.2 and 3.0.x before 3.0.1 does not check the JON agent key, which allows remote attackers to spoof the identity of arbitrary agents via the registered agent name.
5.8 Medium
CVSS2