CVE-2011-4608

mod_cluster: malicious worker nodes can register on any vhost

Severity Score

7.5

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

mod_cluster in JBoss Enterprise Application Platform 5.1.2 for Red Hat Linux allows worker nodes to register with arbitrary virtual hosts, which allows remote attackers to bypass intended access restrictions and provide malicious content, hijack sessions, and steal credentials by registering from an external vhost that does not enforce security constraints.

mod_cluster en JBoss Enterprise Application Platform v5.1.2 de Red Hat Linux permite a los nodos inscribirse en hosts virtuales de su elección, lo que permite a atacantes remotos evitar las restricciones de acceso y ofrecer contenido malicioso, secuestrar sesiones y robar las credenciales registrando un vhost externo que no imponga restricciones de seguridad.

*Credits: N/A

CVSS Scores

NISTv2 7.5

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2011-11-29 CVE Reserved
2012-01-18 CVE Published
2023-03-07 EPSS Updated
2024-08-07 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-264: Permissions, Privileges, and Access Controls
CWE-863: Incorrect Authorization

CAPEC

References (11)

URL	Tag	Source
http://www.securityfocus.com/bid/51554	Vdb Entry
http://www.securitytracker.com/id?1026545	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/72460	Vdb Entry

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://www.redhat.com/support/errata/RHSA-2012-0035.html	2023-02-13
http://www.redhat.com/support/errata/RHSA-2012-0036.html	2023-02-13
http://www.redhat.com/support/errata/RHSA-2012-0037.html	2023-02-13
http://www.redhat.com/support/errata/RHSA-2012-0038.html	2023-02-13
http://www.redhat.com/support/errata/RHSA-2012-0039.html	2023-02-13
http://www.redhat.com/support/errata/RHSA-2012-0040.html	2023-02-13
https://bugzilla.redhat.com/show_bug.cgi?id=767020	2012-01-18
https://access.redhat.com/security/cve/CVE-2011-4608	2012-01-18

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Redhat Search vendor "Redhat"		Jboss Enterprise Application Platform Search vendor "Redhat" for product "Jboss Enterprise Application Platform"				5.1.2 Search vendor "Redhat" for product "Jboss Enterprise Application Platform" and version "5.1.2"		-		Affected