CVE-2013-4112
JGroups 3.0.0-3.2.8 & 3.3.0-3.3.2 - Sensitive Info Exposure & RCE via DiagnosticsHandler
Title source: llmDescription
The DiagnosticsHandler in JGroup 3.0.x, 3.1.x, 3.2.x before 3.2.9, and 3.3.x before 3.3.3 allows remote attackers to obtain sensitive information (diagnostic information) and execute arbitrary code by reusing valid credentials.
References (7)
Core 7
Core References
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2014-0029.html
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-1209.html
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-1437.html
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-1207.html
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-1208.html
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-1771.html
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=983489
Scores
EPSS
0.0161
EPSS Percentile
73.0%
Details
CWE
CWE-200
Status
published
Products (30)
jgroups/jgroup
3.0.0
jgroups/jgroup
3.0.1
jgroups/jgroup
3.0.2
jgroups/jgroup
3.0.3
jgroups/jgroup
3.0.4
jgroups/jgroup
3.0.5
jgroups/jgroup
3.0.6
jgroups/jgroup
3.0.7
jgroups/jgroup
3.0.8
jgroups/jgroup
3.0.9
... and 20 more
Published
Sep 28, 2013
Tracked Since
Feb 18, 2026