CVE-2013-2133 – WS: EJB3 role restrictions are not applied to jaxws handlers
https://notcve.org/view.php?id=CVE-2013-2133
The EJB invocation handler implementation in Red Hat JBossWS, as used in JBoss Enterprise Application Platform (EAP) before 6.2.0, does not properly enforce the method level restrictions for JAX-WS Service endpoints, which allows remote authenticated users to access otherwise restricted JAX-WS handlers by leveraging permissions to the EJB class. La implementación del manejador de invocación EJB en Red Hat JBossWS, como se utiliza en JBoss Enterprise Application Platform (EAP) anteriores a 6.2.0, no hace cumplir correctamente las restricciones de nivel de método para JAX-WS Service endpoints, lo cual permite a usuarios autenticados remotamente acceder a manejadores, de otra manera restringidos, mediante el aprovechamiento de permisos de la clase EJB. A flaw was found in the way method-level authorization for JAX-WS Service endpoints was performed by the EJB invocation handler implementation. Any restrictions declared on EJB methods were ignored when executing the JAX-WS handlers, and only class-level restrictions were applied. A remote attacker who is authorized to access the EJB class, could invoke a JAX-WS handler which they were not authorized to invoke. • http://rhn.redhat.com/errata/RHSA-2013-1784.html http://rhn.redhat.com/errata/RHSA-2013-1785.html http://rhn.redhat.com/errata/RHSA-2013-1786.html http://rhn.redhat.com/errata/RHSA-2015-0850.html http://rhn.redhat.com/errata/RHSA-2015-0851.html http://www.securitytracker.com/id/1029431 https://access.redhat.com/security/cve/CVE-2013-2133 https://bugzilla.redhat.com/show_bug.cgi?id=969924 • CWE-264: Permissions, Privileges, and Access Controls CWE-862: Missing Authorization •
CVE-2013-1921 – PicketBox: Insecure storage of masked passwords
https://notcve.org/view.php?id=CVE-2013-1921
PicketBox, as used in Red Hat JBoss Enterprise Application Platform before 6.1.1, allows local users to obtain the admin encryption key by reading the Vault data file. PicketBox, utilizado en Red Hat JBoss Enterprise Application Platform anteriores a 6.1.1, permite a un usuario local obtener la clave de cifrado de administrador leyendo el archivo de datos Vault. • http://rhn.redhat.com/errata/RHSA-2013-1207.html http://rhn.redhat.com/errata/RHSA-2013-1208.html http://rhn.redhat.com/errata/RHSA-2013-1209.html http://rhn.redhat.com/errata/RHSA-2013-1437.html http://rhn.redhat.com/errata/RHSA-2014-0029.html https://bugzilla.redhat.com/show_bug.cgi?id=948106 https://access.redhat.com/security/cve/CVE-2013-1921 • CWE-310: Cryptographic Issues •
CVE-2013-4112 – JGroups: Authentication via cached credentials
https://notcve.org/view.php?id=CVE-2013-4112
The DiagnosticsHandler in JGroup 3.0.x, 3.1.x, 3.2.x before 3.2.9, and 3.3.x before 3.3.3 allows remote attackers to obtain sensitive information (diagnostic information) and execute arbitrary code by reusing valid credentials. El DiagnosticsHandler en JGroup 3.0.x, 3.1.x, 3.2.x anterior a 3.2.9 , y 3.3.x anterior a 3.3.3 permite a atacantes remotos obtener información sensible (información de disgnósticos) y ejecutar codigo arbitrario reutilizando credenciales válidas • http://rhn.redhat.com/errata/RHSA-2013-1207.html http://rhn.redhat.com/errata/RHSA-2013-1208.html http://rhn.redhat.com/errata/RHSA-2013-1209.html http://rhn.redhat.com/errata/RHSA-2013-1437.html http://rhn.redhat.com/errata/RHSA-2013-1771.html http://rhn.redhat.com/errata/RHSA-2014-0029.html https://bugzilla.redhat.com/show_bug.cgi?id=983489 https://access.redhat.com/security/cve/CVE-2013-4112 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2012-4572 – JBoss: custom authorization module implementations shared between applications
https://notcve.org/view.php?id=CVE-2012-4572
Red Hat JBoss Enterprise Application Platform (EAP) before 6.1.0 and JBoss Portal before 6.1.0 does not load the implementation of a custom authorization module for a new application when an implementation is already loaded and the modules share class names, which allows local users to control certain applications' authorization decisions via a crafted application. Red Hat JBoss Enterprise Application Platform (EAP) antes de 6.1.0 y JBoss Portal anteriores a 6.1.0 no carga la implementación de un módulo de autorización personalizado para una nueva aplicación cuando una aplicación está ya cargada y los módulos comparten los nombres de clase, lo que permite a usuarios locales controlar las decisiones de autorización ciertas aplicaciones a través de una aplicación manipulada. • http://rhn.redhat.com/errata/RHSA-2013-0833.html http://rhn.redhat.com/errata/RHSA-2013-0834.html http://rhn.redhat.com/errata/RHSA-2013-1437.html https://access.redhat.com/security/cve/CVE-2012-4572 https://bugzilla.redhat.com/show_bug.cgi?id=872059 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2012-4549 – AS: EJB authorization succeeds for any role when allowed roles list is empty
https://notcve.org/view.php?id=CVE-2012-4549
The processInvocation function in org.jboss.as.ejb3.security.AuthorizationInterceptor in JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) before 6.0.1, authorizes all requests when no roles are allowed for an Enterprise Java Beans (EJB) method invocation, which allows attackers to bypass intended access restrictions for EJB methods. La función processInvocation en org.jboss.as.ejb3.security.AuthorizationInterceptor en JBoss Enterprise Application Platform (tambien conocido como JBoss EAP o JBEAP) anteriores a v6.0.1, autoriza todas las peticiones cuando no están permitidos los roles para la invocación del método Enterprise Java Beans (EJB), lo que permite a atacantes remotos evitar las restricciones impuestas a los métodos EJB. • http://rhn.redhat.com/errata/RHSA-2012-1591.html http://rhn.redhat.com/errata/RHSA-2012-1592.html http://rhn.redhat.com/errata/RHSA-2012-1594.html http://secunia.com/advisories/51607 https://access.redhat.com/security/cve/CVE-2012-4549 https://bugzilla.redhat.com/show_bug.cgi?id=870868 • CWE-264: Permissions, Privileges, and Access Controls •