CVE-2012-2148
LOWJBoss Community Application Server - Improper Privilege Management via Property Replacements
Title source: llmDescription
An issue exists in the property replacements feature in any descriptor in JBoxx AS 7.1.1 ignores java security policies
References (3)
Core 3
Core References
Third Party Advisory x_refsource_misc
https://security-tracker.debian.org/tracker/CVE-2012-2148
Issue Tracking, Vendor Advisory x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2148
Vendor Advisory x_refsource_misc
https://access.redhat.com/security/cve/cve-2012-2148
Scores
CVSS v3
3.3
EPSS
0.0032
EPSS Percentile
23.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Details
CWE
CWE-269
Status
published
Products (2)
redhat/jboss_community_application_server
7.1.1
redhat/jboss_enterprise_web_server
1.0.0
Published
Dec 06, 2019
Tracked Since
Feb 18, 2026