Page 3 of 12 results (0.010 seconds)

CVSS: 5.8EPSS: 0%CPEs: 9EXPL: 0

Red Hat JBoss Operations Network (JON) before 2.4.2 and 3.0.x before 3.0.1 does not check the JON agent key, which allows remote attackers to spoof the identity of arbitrary agents via the registered agent name. Red Hat JBoss Operations Network (JON) anterior a 2.4.2 y 3.0.x anterior a 3.0.1 no comprueba la clave del agente JON, lo que permite a atacantes remotos falsificar la identidad de agentes arbitrarios a través del nombre del agente registrado. • http://rhn.redhat.com/errata/RHSA-2012-0089.html http://rhn.redhat.com/errata/RHSA-2012-0406.html https://bugzilla.redhat.com/show_bug.cgi?id=781964 https://access.redhat.com/security/cve/CVE-2012-0052 • CWE-20: Improper Input Validation •

CVSS: 5.8EPSS: 0%CPEs: 9EXPL: 0

Red Hat JBoss Operations Network (JON) before 2.4.2 and 3.0.x before 3.0.1 allows remote attackers to hijack agent sessions via an agent registration request without a security token. Red Hat JBoss Operations Network (JON) anterior a 2.4.2 y 3.0.x anterior a 3.0.1 permite a atacantes remotos secuestrar sesiones de agente a través de una solicitud de registro de agente sin un token de seguridad. • http://rhn.redhat.com/errata/RHSA-2012-0089.html http://rhn.redhat.com/errata/RHSA-2012-0406.html https://bugzilla.redhat.com/show_bug.cgi?id=783008 https://access.redhat.com/security/cve/CVE-2012-0062 • CWE-287: Improper Authentication •