CVE-2014-0245 – WSRP: Information disclosure via unsafe concurrency handling in interceptor
https://notcve.org/view.php?id=CVE-2014-0245
It was found that the implementation of the GTNSubjectCreatingInterceptor class in gatein-wsrp was not thread safe. For a specific WSRP endpoint, under high-concurrency scenarios or scenarios where SOAP messages take long to execute, it was possible for an unauthenticated remote attacker to gain privileged information if WS-Security is enabled for the WSRP Consumer, and the endpoint in question is being used by a privileged user. This affects JBoss Portal 6.2.0.
• https://access.redhat.com/errata/RHSA-2015:1009
• https://access.redhat.com/security/cve/cve-2014-0245
• https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0245
• https://access.redhat.com/security/cve/CVE-2014-0245
• https://bugzilla.redhat.com/show_bug.cgi?id=1101303
• CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2015-5176 – PortletBridge: information disclosure via auto-dispatching of non-JSF resources
https://notcve.org/view.php?id=CVE-2015-5176
The PortletRequestDispatcher in PortletBridge, as used in Red Hat JBoss Portal 6.2.0, does not properly enforce the security constraints of servlets, which allows remote attackers to gain access to resources via a request that asks to render a non-JSF resource.
It was found that PortletBridge PortletRequestDispatcher did not respect security constraints set by the servlet if a portlet request asked for rendering of a non-JSF resource such as JSP or HTML. A remote attacker could use this flaw to potentially bypass certain security constraints and gain access to restricted resources.
• http://rhn.redhat.com/errata/RHSA-2015-1543.html
• https://access.redhat.com/security/cve/CVE-2015-5176
• https://bugzilla.redhat.com/show_bug.cgi?id=1244835
• CWE-17: DEPRECATED: Code
• CWE-284: Improper Access Control
CVE-2015-3244 – JSF: Information disclosure due to missing access restriction in portlet resource dispatching
https://notcve.org/view.php?id=CVE-2015-3244
The Portlet Bridge for JavaServer Faces in Red Hat JBoss Portal 6.2.0, when used in portlets with the default resource serving for GenericPortlet, does not properly restrict access to restricted resources, which allows remote attackers to obtain sensitive information via a URL with a modified resource ID.
It was found that JavaServer Faces PortletBridge-based portlets using GenericPortlet's default resource serving did not restrict access to resources within the web application. An attacker could set the resource ID field of a URL to potentially bypass security constraints and gain access to restricted resources.
• http://rhn.redhat.com/errata/RHSA-2015-1226.html
• http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
• http://www.securityfocus.com/bid/75941
• https://bugzilla.redhat.com/show_bug.cgi?id=1232908
• https://access.redhat.com/security/cve/CVE-2015-3244
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
• CWE-264: Permissions, Privileges, and Access Controls