CVE-2012-0062

Redhat Jboss Operations Network < 2.4.1 - Authentication Bypass

Title source: rule

Description

Red Hat JBoss Operations Network (JON) before 2.4.2 and 3.0.x before 3.0.1 allows remote attackers to hijack agent sessions via an agent registration request without a security token.

References (3)

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2012-0089.html

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2012-0406.html

[Issue Tracking] https://bugzilla.redhat.com/show_bug.cgi?id=783008

Scores

EPSS 0.0027

EPSS Percentile 50.5%

Classification

CWE

CWE-287

Status draft

Affected Products (9)

redhat/jboss_operations_network < 2.4.1

redhat/jboss_operations_network

Timeline

Published Feb 14, 2014

Tracked Since Feb 18, 2026