CVE-2012-5626 (jboss_brms, jboss_enterprise_application_platform, jboss_enterprise_web_server, jboss_operations_network, jboss_portal, jboss_soa_platform)

EJB method in Red Hat JBoss BRMS 5; Red Hat JBoss Enterprise Application Platform 5; Red Hat JBoss Operations Network 3.1; Red Hat JBoss Portal 4 and 5; Red Hat JBoss SOA Platform 4.2, 4.3, and 5; in Red Hat JBoss Enterprise Web Server 1 ignores roles specified using the @RunAs annotation.

View Full Alert

Leave a Reply