CVE-2013-4128

Loading...

General

Score:6.4/10.0
Severity:Medium
Category:Configuration Error

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:None

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Published on 16/08/13 - Updated on 29/08/17

Description

Red Hat JBoss Enterprise Application Platform (EAP) 6.1.0 does not properly cache EJB invocations by remote-naming, which allows remote attackers to hijack sessions by using a remoting client.

Category: Configuration Error

CWE-16 (Configuration)
Weaknesses in this category are typically introduced during the configuration of the software.

Security Notices

US National Vulnerability DatabaseCVE-2013-4128

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
redhatjboss_enterprise_application_platform

Share this vulnerability with:

Twitter Facebook LinkedIn Mail